Lucene search

[email protected]CVE-2010-4785

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4785

2022-10-0316:21:05

CWE-399

[email protected]

web.nvd.nist.gov

ibm

tivoli directory server

tds 6.0

remote

authenticated

denial of service

ldap

abend

nvd

cve-2010-4785

6.2 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON

The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID.

Affected configurations

NVD

Node

ibmtivoli_directory_serverMatch6.0

ibmtivoli_directory_serverMatch6.0.0.0

ibmtivoli_directory_serverMatch6.0.0.1

ibmtivoli_directory_serverMatch6.0.0.7

ibmtivoli_directory_serverMatch6.0.0.8

ibmtivoli_directory_serverMatch6.0.0.14

ibmtivoli_directory_serverMatch6.0.0.19

ibmtivoli_directory_serverMatch6.0.0.33

ibmtivoli_directory_serverMatch6.0.0.41

ibmtivoli_directory_serverMatch6.0.0.45

ibmtivoli_directory_serverMatch6.0.0.52

ibmtivoli_directory_serverMatch6.0.0.53

ibmtivoli_directory_serverMatch6.0.0.54

ibmtivoli_directory_serverMatch6.0.0.55

ibmtivoli_directory_serverMatch6.0.0.56

ibmtivoli_directory_serverMatch6.0.0.57

ibmtivoli_directory_serverMatch6.0.0.58

ibmtivoli_directory_serverMatch6.0.0.59

ibmtivoli_directory_serverMatch6.0.0.60

ibmtivoli_directory_serverMatch6.0.0.61

AND

linuxlinux_kernel

microsoftwindows

sunsunos

CPENameOperatorVersion
ibm:tivoli_directory_serveribm tivoli directory servereq6.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.1
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.7
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.8
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.14
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.19
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.33
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.41
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.45

CPE	Name	Operator	Version
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.1
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.7
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.8
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.14
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.19
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.33
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.41
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.45

Rows per page:

1-10 of 201

References

www.ibm.com/support/docview.wss?uid=swg1IO11814

www.ibm.com/support/docview.wss?uid=swg24029672

6.2 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

49.8%

JSON

Related for CVE-2010-4785

cvelist1 prion1 nvd1