CVE-2010-0312

Exploit

EPSS 0.57%
Published 14.01.2010 19:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request).

Affected products Warnungen 0 Metrics 2 CWE 1 References 5

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Tivoli Directory Server Version6.2

Linux ≫ Linux Kernel

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.57%	0.66

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.html

Exploit

http://securitytracker.com/id?1023433

https://nvd.nist.gov/vuln/detail/CVE-2010-0312

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2010-0312

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2010-0312

EUVD