CVSS: 7.5EPSS: 1%CPEs: 140EXPL: 0CVE-2015-0138 – JDK: ephemeral RSA keys accepted for non-export SSL/TLS cipher suites (FREAK)
https://notcve.org/view.php?id=CVE-2015-0138
25 Mar 2015 — GSKit in IBM Tivoli Directory Server (ITDS) 6.0 before 6.0.0.73-ISS-ITDS-IF0073, 6.1 before 6.1.0.66-ISS-ITDS-IF0066, 6.2 before 6.2.0.42-ISS-ITDS-IF0042, and 6.3 before 6.3.0.35-ISS-ITDS-IF0035 and IBM Security Directory Server (ISDS) 6.3.1 before 6.3.1.9-ISS-ISDS-IF0009 does not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CV... • http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html • CWE-310: Cryptographic Issues CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.4EPSS: 0%CPEs: 19EXPL: 0CVE-2012-0726
https://notcve.org/view.php?id=CVE-2012-0726
22 Apr 2012 — The default configuration of TLS in IBM Tivoli Directory Server (TDS) 6.3 and earlier supports the (1) NULL-MD5 and (2) NULL-SHA ciphers, which allows remote attackers to trigger unencrypted communication via the TLS Handshake Protocol. La configuración por defecto de TLS en Tivoli Directory Server (TDS) v6.3 y anteriores, soporta los cifrados (1) NULL-MD5 y (2) NULL-SHA, lo que permite a atacantes remotos lanzar comunicaciones no cifradas a través de TLS Handshake Protocol. • http://www-01.ibm.com/support/docview.wss?uid=swg21591272 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 0CVE-2012-0743
https://notcve.org/view.php?id=CVE-2012-0743
22 Apr 2012 — IBM Tivoli Directory Server (TDS) 6.3 and earlier allows remote attackers to cause a denial of service (daemon crash) via a malformed LDAP paged search request. IBM Tivoli Director Server (TDS) v6.3 y anteriores, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de una petición de búsqueda paginada LDAP mal formada. • http://www-01.ibm.com/support/docview.wss?uid=swg21591267 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2010-2927
https://notcve.org/view.php?id=CVE-2010-2927
02 Aug 2010 — The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006 allows remote attackers to cause a denial of service (daemon crash) via multiple incomplete DIGEST-MD5 connection attempts. La función slapi_printmessage en IBM Tivoli Directory Server (ITDS) en versiones anteriores a la 6.0.0.8-TIV-ITDS-IF0006, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) mediante múltiples intentos de conexión DIGEST-MD5 incompletos. • http://osvdb.org/66782 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 5%CPEs: 2EXPL: 6CVE-2004-2526 – IBM Tivoli Directory Server 3.2.2/4.1 - LDACGI Directory Traversal
https://notcve.org/view.php?id=CVE-2004-2526
31 Dec 2004 — Directory traversal vulnerability in ldacgi.exe in IBM Tivoli Directory Server 4.1 and earlier allows remote attackers to view arbitrary files via a .. (dot dot) in the Template parameter. • https://www.exploit-db.com/exploits/24345 •