slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.
secunia.com/advisories/17484
securitytracker.com/id?1015171
www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en
www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247
www-1.ibm.com/support/docview.wss?uid=swg21222159
www-1.ibm.com/support/search.wss?rs=0&q=IO02697&apar=only
www-1.ibm.com/support/search.wss?rs=0&q=IO02714&apar=only
www.kb.cert.org/vuls/id/194753
www.osvdb.org/20672
www.securityfocus.com/bid/15367
www.vupen.com/english/advisories/2005/2356
exchange.xforce.ibmcloud.com/vulnerabilities/22989