CVSS: 7.5EPSS: 0%CPEs: 84EXPL: 0CVE-2011-1820
https://notcve.org/view.php?id=CVE-2011-1820
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) does not properly handle the ibm-auditAttributesOnGroupEvalOp setting for auditing of extended operations, which might allow attackers to obtain sensitive information by reading the audit log. IBM Tivoli Directory Server (TDS) v5.2 ante... • http://secunia.com/advisories/44184 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2009-5072
https://notcve.org/view.php?id=CVE-2009-5072
21 Apr 2011 — Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument. Pérdida de memoria en la función ldap_explode_dn en IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.61 (también conocido como v6.0.0.8-ITV-ITDS-IF0003) permite a usuarios remotos autenticados causar una denegación de servicio (consumo de memoria) a través de... • http://www.ibm.com/support/docview.wss?uid=swg1IO11407 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0CVE-2009-5073
https://notcve.org/view.php?id=CVE-2009-5073
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its parent entry. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.59 (también conocido como v6.0.0.8-ITV-ITDS-IF0001) permite a usuarios remotos autenticados causar una denegación de servicio (bucle infinito y el demonio de bloqueo) mediante la adición d... • http://www.ibm.com/support/docview.wss?uid=swg1IO10802 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 23EXPL: 0CVE-2010-4785
https://notcve.org/view.php?id=CVE-2010-4785
21 Apr 2011 — The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. La función do_extendedOp en ibmslapd en IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.62 (también conocida como 6.0.0.8-ITV-ITDS-IF0004) en Linux, Solaris y Windows ... • http://www.ibm.com/support/docview.wss?uid=swg1IO11814 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2010-4786
https://notcve.org/view.php?id=CVE-2010-4786
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.63 (también conocido como v6.0.0.8-ITV-ITDS-IF0005) permite a usuarios remotos autenticados causar una denegación de servicio (caída o cuelgue del... • http://www.ibm.com/support/docview.wss?uid=swg1IO12316 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2010-4787
https://notcve.org/view.php?id=CVE-2010-4787
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.63 (también conocido como v6.0.0.8-ITV-ITDS-IF0005) permite a usuarios remotos autenticados causar una denegación de servicio (bloqueo del demonio) a través de una búsqueda paginada que activa el procesamiento de exclusión mutua inade... • http://www.ibm.com/support/docview.wss?uid=swg1IO12476 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2010-4788
https://notcve.org/view.php?id=CVE-2010-4788
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.62 (tambien conocido como v6.0.0.8-ITV-ITDS-IF0004) no realiza el bloqueo del acceso a determinados accesos a listas de enlaces, lo que permite a usuarios remotos autenticados causar una denegación de servicio (... • http://www.ibm.com/support/docview.wss?uid=swg1IO11943 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2010-4789
https://notcve.org/view.php?id=CVE-2010-4789
21 Apr 2011 — Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation. Vulnerabilidad de uso después de la liberación en la aplicación proxy-server en IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.65 (también conocido como... • http://www.ibm.com/support/docview.wss?uid=swg1IO13364 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 59%CPEs: 84EXPL: 1CVE-2011-1206 – IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1206
18 Apr 2011 — Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information. Desbordamiento de ... • https://www.exploit-db.com/exploits/17188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 0CVE-2010-4217
https://notcve.org/view.php?id=CVE-2010-4217
09 Nov 2010 — Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005 allows remote attackers to cause a denial of service (daemon crash) via an unbind request that occurs during a certain search operation. Vulnerabilidad de uso después de liberación en el servidor de proxy en IBM Tivoli Directory Server (TDS) v6.0.0.x anterior a v6.0.0.8-TIV-ITDS-IF0007 y v6.1.x anterior a v6.1.0-TIV-ITDS-FP0005, permite a atacant... • http://secunia.com/advisories/42083 • CWE-399: Resource Management Errors •