4

CVE-2010-4789

Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTivoli Directory Server Version6.0
IbmTivoli Directory Server Version6.0.0.0
IbmTivoli Directory Server Version6.0.0.1
IbmTivoli Directory Server Version6.0.0.7
IbmTivoli Directory Server Version6.0.0.8
IbmTivoli Directory Server Version6.0.0.14
IbmTivoli Directory Server Version6.0.0.19
IbmTivoli Directory Server Version6.0.0.33
IbmTivoli Directory Server Version6.0.0.41
IbmTivoli Directory Server Version6.0.0.45
IbmTivoli Directory Server Version6.0.0.52
IbmTivoli Directory Server Version6.0.0.53
IbmTivoli Directory Server Version6.0.0.54
IbmTivoli Directory Server Version6.0.0.55
IbmTivoli Directory Server Version6.0.0.56
IbmTivoli Directory Server Version6.0.0.57
IbmTivoli Directory Server Version6.0.0.58
IbmTivoli Directory Server Version6.0.0.59
IbmTivoli Directory Server Version6.0.0.60
IbmTivoli Directory Server Version6.0.0.61
IbmTivoli Directory Server Version6.0.0.62
IbmTivoli Directory Server Version6.0.0.63
IbmTivoli Directory Server Version6.0.0.64
IbmTivoli Directory Server Version6.3.0.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.14% 0.624
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://www.ibm.com/support/docview.wss?uid=swg24029672
Patch
http://www.ibm.com/support/docview.wss?uid=swg1IO13364
http://www.ibm.com/support/docview.wss?uid=swg1IO13451
http://www.ibm.com/support/docview.wss?uid=swg24029659
Patch