Design/Logic Flaw

2011-04-2110:55:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

65.1%

JSON

Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation.

CPENameOperatorVersion
tivoli_directory_servereq6.0.0.14
tivoli_directory_servereq6.0.0.61
tivoli_directory_servereq6.0.0.64
tivoli_directory_servereq6.0.0.53
tivoli_directory_servereq6.0.0.54
tivoli_directory_servereq6.0.0.0
tivoli_directory_servereq6.0.0.62
tivoli_directory_servereq6.0.0.56
tivoli_directory_servereq6.0.0.1
tivoli_directory_servereq6.0.0.7

Name	Operator	Version
tivoli_directory_server	eq	6.0.0.14
tivoli_directory_server	eq	6.0.0.61
tivoli_directory_server	eq	6.0.0.64
tivoli_directory_server	eq	6.0.0.53
tivoli_directory_server	eq	6.0.0.54
tivoli_directory_server	eq	6.0.0.0
tivoli_directory_server	eq	6.0.0.62
tivoli_directory_server	eq	6.0.0.56
tivoli_directory_server	eq	6.0.0.1
tivoli_directory_server	eq	6.0.0.7