CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3088
https://notcve.org/view.php?id=CVE-2009-3088
Heap-based buffer overflow in ibmdiradm in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to have an unspecified impact via unknown vectors that trigger heap corruption, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Desbordamiento de búfer basado en memoria dinámica en ibmdiradm de IBM Tivoli Directory Server (TDS) v6.0 en Linux permite a atacantes remotos tener un impacto sin especificar a través de vectores de ataque desconocidos que provocan una corrupción de la memoria dinámica, tal como se ha demostrado por ciertos módulos en VulnDisco Pack Professional 8.11. NOTA: a fecha de 03/09/2009, esta información no es explotable. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36565 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2009-3090
https://notcve.org/view.php?id=CVE-2009-3090
Unspecified vulnerability in IBM Tivoli Directory Server (TDS) 6.0 on Linux allows remote attackers to cause a denial of service via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. Vulnerabilidad no especificada en IBM Tivoli Directory Server (TDS) v6.0 para Linux permite a atacantes remotos provocar una denegación de servicio mediante vectores no especificados, como se ha demostrado por cierto módulo en VulnDisco Pack Professional 8.11. NOTA: hasta el 3-3-2009, esta divulgación no tenía información para su puesta en práctica. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36565 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2009-3089
https://notcve.org/view.php?id=CVE-2009-3089
IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon on Windows and (2) the ibmdiradm daemon in the administration server on Linux, as demonstrated by certain modules in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2006-0717. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. IBM Tivoli Directory Server (TDS) v6.0 permite a atacantes remotos provocar una denegación de servicio (referencia a puntero nulo y fin del demonio) mediante vectores no especificados, relacionados con (1) el demonio "ibmslapd.exe" para Windows y (2) el demonio "ibmdiradm" en el servidor de administración para Linux, como se ha demostrado por cierto módulo en VulnDisco Pack Professional v8.11, siendo una vulnerabilidad diferente a CVE-2006-0717. NOTA: hasta el 3-3-2009, esta divulgación no tenía información para su puesta en práctica. • http://intevydis.com/vd-list.shtml http://secunia.com/advisories/36565 •
CVSS: 5.0EPSS: 10%CPEs: 1EXPL: 2CVE-2006-0717 – IBM Tivoli Directory Server 6.0 - LDAP Memory Corruption
https://notcve.org/view.php?id=CVE-2006-0717
IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite. • https://www.exploit-db.com/exploits/27196 http://lists.immunitysec.com/pipermail/dailydave/2006-February/002921.html http://secunia.com/advisories/18779 http://securitytracker.com/id?1015653 http://www-1.ibm.com/support/docview.wss?uid=swg21230820 http://www.securityfocus.com/bid/16593 http://www.vupen.com/english/advisories/2006/0537 https://exchange.xforce.ibmcloud.com/vulnerabilities/24619 •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 0CVE-2005-3567
https://notcve.org/view.php?id=CVE-2005-3567
slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors. • http://secunia.com/advisories/17484 http://securitytracker.com/id?1015171 http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247 http://www-1.ibm.com/support/docview.wss?uid=swg21222159 http://www-1.ibm.com/support/search.wss? • CWE-264: Permissions, Privileges, and Access Controls •