Lucene search

[email protected]CVE-2010-4789

HistoryOct 03, 2022 - 4:21 p.m.

CVE-2010-4789

2022-10-0316:21:06

CWE-399

[email protected]

web.nvd.nist.gov

ibm tivoli directory server

tds 6.0

tds 6.3

use-after-free vulnerability

remote authenticated users

denial of service

nvd

cve-2010-4789

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation.

Affected configurations

NVD

Node

ibmtivoli_directory_serverMatch6.0

ibmtivoli_directory_serverMatch6.0.0.0

ibmtivoli_directory_serverMatch6.0.0.1

ibmtivoli_directory_serverMatch6.0.0.7

ibmtivoli_directory_serverMatch6.0.0.8

ibmtivoli_directory_serverMatch6.0.0.14

ibmtivoli_directory_serverMatch6.0.0.19

ibmtivoli_directory_serverMatch6.0.0.33

ibmtivoli_directory_serverMatch6.0.0.41

ibmtivoli_directory_serverMatch6.0.0.45

ibmtivoli_directory_serverMatch6.0.0.52

ibmtivoli_directory_serverMatch6.0.0.53

ibmtivoli_directory_serverMatch6.0.0.54

ibmtivoli_directory_serverMatch6.0.0.55

ibmtivoli_directory_serverMatch6.0.0.56

ibmtivoli_directory_serverMatch6.0.0.57

ibmtivoli_directory_serverMatch6.0.0.58

ibmtivoli_directory_serverMatch6.0.0.59

ibmtivoli_directory_serverMatch6.0.0.60

ibmtivoli_directory_serverMatch6.0.0.61

ibmtivoli_directory_serverMatch6.0.0.62

ibmtivoli_directory_serverMatch6.0.0.63

ibmtivoli_directory_serverMatch6.0.0.64

ibmtivoli_directory_serverMatch6.3.0.0

CPENameOperatorVersion
ibm:tivoli_directory_serveribm tivoli directory servereq6.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.0
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.1
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.7
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.8
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.14
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.19
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.33
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.41
ibm:tivoli_directory_serveribm tivoli directory servereq6.0.0.45

CPE	Name	Operator	Version
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.0
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.1
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.7
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.8
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.14
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.19
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.33
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.41
ibm:tivoli_directory_server	ibm tivoli directory server	eq	6.0.0.45

Rows per page:

1-10 of 241

References

www.ibm.com/support/docview.wss?uid=swg1IO13364

www.ibm.com/support/docview.wss?uid=swg1IO13451

www.ibm.com/support/docview.wss?uid=swg24029659

www.ibm.com/support/docview.wss?uid=swg24029672

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

Related for CVE-2010-4789

cvelist1 prion1 nvd1