6

CVE-2008-2943

Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry.  NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTivoli Directory Server Version6.1.0.0
IbmTivoli Directory Server Version6.1.0.1
IbmTivoli Directory Server Version6.1.0.2
IbmTivoli Directory Server Version6.1.0.3
IbmTivoli Directory Server Version6.1.0.4
IbmTivoli Directory Server Version6.1.0.5
IbmTivoli Directory Server Version6.1.0.6
IbmTivoli Directory Server Version6.1.0.7
IbmTivoli Directory Server Version6.1.0.8
IbmTivoli Directory Server Version6.1.0.9
IbmTivoli Directory Server Version6.1.0.10
IbmTivoli Directory Server Version6.1.0.11
IbmTivoli Directory Server Version6.1.0.12
IbmTivoli Directory Server Version6.1.0.13
IbmTivoli Directory Server Version6.1.0.14
IbmTivoli Directory Server Version6.1.0.15
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.42% 0.82
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6 6.8 6.4
AV:N/AC:M/Au:S/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/30786
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IO09113
http://www.securityfocus.com/bid/30010
http://www.vupen.com/english/advisories/2008/1970
https://exchange.xforce.ibmcloud.com/vulnerabilities/43465