Lucene search

MitreCVE-2001-1310

HistoryMay 03, 2002 - 4:00 a.m.

CVE-2001-1310

2002-05-0304:00:00

mitre

web.nvd.nist.gov

ibm secureway

vulnerability

remote attacks

denial of service

arbitrary code

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.037

Percentile

91.8%

JSON

IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for the L field of a BER encoding, as demonstrated by the PROTOS LDAPv3 test suite.

Affected configurations

Nvd

Node

ibmsecureway_directoryMatch3.2.1

VendorProductVersionCPE
ibmsecureway_directory3.2.1cpe:2.3:a:ibm:secureway_directory:3.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	secureway_directory	3.2.1	cpe:2.3:a:ibm:secureway_directory:3.2.1:::::::*

References

ciac.llnl.gov/ciac/bulletins/l-116.shtml

www.cert.org/advisories/CA-2001-18.html

www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/

www.kb.cert.org/vuls/id/505564

www.kb.cert.org/vuls/id/CFCR-4YQ33Y

www.securityfocus.com/bid/3040

exchange.xforce.ibmcloud.com/vulnerabilities/6894

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.4

Confidence

High

EPSS

0.037

Percentile

91.8%

JSON

Related for CVE-2001-1310