CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2010-4786
https://notcve.org/view.php?id=CVE-2010-4786
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.63 (también conocido como v6.0.0.8-ITV-ITDS-IF0005) permite a usuarios remotos autenticados causar una denegación de servicio (caída o cuelgue del... • http://www.ibm.com/support/docview.wss?uid=swg1IO12316 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 21EXPL: 0CVE-2010-4787
https://notcve.org/view.php?id=CVE-2010-4787
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.63 (también conocido como v6.0.0.8-ITV-ITDS-IF0005) permite a usuarios remotos autenticados causar una denegación de servicio (bloqueo del demonio) a través de una búsqueda paginada que activa el procesamiento de exclusión mutua inade... • http://www.ibm.com/support/docview.wss?uid=swg1IO12476 • CWE-399: Resource Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 20EXPL: 0CVE-2010-4788
https://notcve.org/view.php?id=CVE-2010-4788
21 Apr 2011 — IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search. IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.62 (tambien conocido como v6.0.0.8-ITV-ITDS-IF0004) no realiza el bloqueo del acceso a determinados accesos a listas de enlaces, lo que permite a usuarios remotos autenticados causar una denegación de servicio (... • http://www.ibm.com/support/docview.wss?uid=swg1IO11943 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 24EXPL: 0CVE-2010-4789
https://notcve.org/view.php?id=CVE-2010-4789
21 Apr 2011 — Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation. Vulnerabilidad de uso después de la liberación en la aplicación proxy-server en IBM Tivoli Directory Server (TDS) v6.0 anterior a v6.0.0.65 (también conocido como... • http://www.ibm.com/support/docview.wss?uid=swg1IO13364 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 59%CPEs: 84EXPL: 1CVE-2011-1206 – IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1206
18 Apr 2011 — Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information. Desbordamiento de ... • https://www.exploit-db.com/exploits/17188 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4216
https://notcve.org/view.php?id=CVE-2010-4216
09 Nov 2010 — IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 does not properly handle invalid buffer references in LDAP BER requests, which might allow remote attackers to cause a denial of service (daemon crash) via vectors involving a buffer that has a memory address near the maximum possible address. IBM Tivoli Directory Server (TDS) v6.0.0.x anterior a v6.0.0.8-TIV-ITDS-IF0007 no maneja adecuadamente las referencias inválidas de búfer en peticiones LDAP BER, lo que podría permitir a atacante... • http://secunia.com/advisories/42116 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 24EXPL: 0CVE-2010-4217
https://notcve.org/view.php?id=CVE-2010-4217
09 Nov 2010 — Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005 allows remote attackers to cause a denial of service (daemon crash) via an unbind request that occurs during a certain search operation. Vulnerabilidad de uso después de liberación en el servidor de proxy en IBM Tivoli Directory Server (TDS) v6.0.0.x anterior a v6.0.0.8-TIV-ITDS-IF0007 y v6.1.x anterior a v6.1.0-TIV-ITDS-FP0005, permite a atacant... • http://secunia.com/advisories/42083 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2010-2927
https://notcve.org/view.php?id=CVE-2010-2927
02 Aug 2010 — The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006 allows remote attackers to cause a denial of service (daemon crash) via multiple incomplete DIGEST-MD5 connection attempts. La función slapi_printmessage en IBM Tivoli Directory Server (ITDS) en versiones anteriores a la 6.0.0.8-TIV-ITDS-IF0006, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante múltiples intentos de conexión DIGEST-MD5 incompletos. • http://osvdb.org/66782 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2010-0312
https://notcve.org/view.php?id=CVE-2010-0312
14 Jan 2010 — The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request). La función do_extendedOp en ibmslapd en IBM Tivoli Directory Server (TDS) v6.2 sobre Linux, permite a atacantes remotos provocar una denegación de servicio (deferencia a puntero NULL y caída de demonio), a través de un SecureWay 3.2 Event... • http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3088
https://notcve.org/view.php?id=CVE-2009-3088
08 Sep 2009 — Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer basado en memor... • http://intevydis.com/vd-list.shtml • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •