Summary
The host is running IBM Tivoli Directory Server and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attacker to crash an affected server, creating a denial of service condition.
Impact Level: Application
Solution
Apply interim fix 6.0.0.8-TIV-ITDS-IF0007 or 6.1.0-TIV-ITDS-FP0005.
https://www-304.ibm.com/support/docview.wss?uid=swg1IO13364 https://www-304.ibm.com/support/docview.wss?uid=swg1IO13282
Insight
The flaw is is caused by an error in the Proxy server when constructing LDAP search requests, which could allow remote attackers to crash an affected server by sending an unbind operation during a page results search.
Affected
IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005.
References
Severity
Classification
-
CVE CVE-2010-4217 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple Safari Nested 'object' Tag Remote Denial Of Service vulnerability
- ClamAV 'cli_pdf()' PDF File Processing Denial Of Service Vulnerability
- Apple Safari Malformed URI Remote DoS Vulnerability (Win)
- AyeView GIF Image Handling Denial of Service Vulnerability
- Apache Traffic Server HTTP Host Header Denial of Service Vulnerability