6
CVE-2008-2943
- EPSS 2.42%
- Veröffentlicht 30.06.2008 21:41:00
- Zuletzt bearbeitet 16.06.2026 22:54:47
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Tivoli Directory Server Version6.1.0.0
Ibm ≫ Tivoli Directory Server Version6.1.0.1
Ibm ≫ Tivoli Directory Server Version6.1.0.2
Ibm ≫ Tivoli Directory Server Version6.1.0.3
Ibm ≫ Tivoli Directory Server Version6.1.0.4
Ibm ≫ Tivoli Directory Server Version6.1.0.5
Ibm ≫ Tivoli Directory Server Version6.1.0.6
Ibm ≫ Tivoli Directory Server Version6.1.0.7
Ibm ≫ Tivoli Directory Server Version6.1.0.8
Ibm ≫ Tivoli Directory Server Version6.1.0.9
Ibm ≫ Tivoli Directory Server Version6.1.0.10
Ibm ≫ Tivoli Directory Server Version6.1.0.11
Ibm ≫ Tivoli Directory Server Version6.1.0.12
Ibm ≫ Tivoli Directory Server Version6.1.0.13
Ibm ≫ Tivoli Directory Server Version6.1.0.14
Ibm ≫ Tivoli Directory Server Version6.1.0.15
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.42% | 0.82 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6 | 6.8 | 6.4 |
AV:N/AC:M/Au:S/C:P/I:P/A:P
|
http://secunia.com/advisories/30786
http://www-1.ibm.com/support/docview.wss?uid=swg1IO09113
http://www.securityfocus.com/bid/30010
http://www.vupen.com/english/advisories/2008/1970
https://exchange.xforce.ibmcloud.com/vulnerabilities/43465