Lucene search
MitreCVE-2010-4217HistoryNov 09, 2010 - 9:00 p.m.
CVE-2010-4217
2010-11-0921:00:06
CWE-399
mitre
web.nvd.nist.gov
23
ibm
tivoli
directory server
vulnerability
use-after-free
proxy server
remote attack
denial of service
ibm tivoli directory server
nvd
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.052
Percentile
93.1%
Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 and 6.1.x before 6.1.0-TIV-ITDS-FP0005 allows remote attackers to cause a denial of service (daemon crash) via an unbind request that occurs during a certain search operation.
Affected configurations
Node
ibmtivoli_directory_serverMatch6.0.0.0
ORibmtivoli_directory_serverMatch6.0.0.1
ORibmtivoli_directory_serverMatch6.0.0.7
ORibmtivoli_directory_serverMatch6.0.0.8
ORibmtivoli_directory_serverMatch6.0.0.14
ORibmtivoli_directory_serverMatch6.0.0.19
ORibmtivoli_directory_serverMatch6.0.0.33
ORibmtivoli_directory_serverMatch6.0.0.41
ORibmtivoli_directory_serverMatch6.0.0.45
ORibmtivoli_directory_serverMatch6.0.0.52
ORibmtivoli_directory_serverMatch6.0.0.53
ORibmtivoli_directory_serverMatch6.0.0.54
ORibmtivoli_directory_serverMatch6.0.0.55
ORibmtivoli_directory_serverMatch6.0.0.56
ORibmtivoli_directory_serverMatch6.0.0.57
ORibmtivoli_directory_serverMatch6.0.0.58
ORibmtivoli_directory_serverMatch6.0.0.59
ORibmtivoli_directory_serverMatch6.0.0.60
ORibmtivoli_directory_serverMatch6.0.0.61
ORibmtivoli_directory_serverMatch6.0.0.62
ORibmtivoli_directory_serverMatch6.0.0.63
ORibmtivoli_directory_serverMatch6.0.0.64
ORibmtivoli_directory_serverMatch6.1.0.0
ORibmtivoli_directory_serverMatch6.1.0.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | tivoli_directory_server | 6.0.0.0 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.0:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.1 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.1:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.7 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.7:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.8 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.8:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.14 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.14:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.19 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.19:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.33 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.33:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.41 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.41:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.45 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.45:*:*:*:*:*:*:* |
| ibm | tivoli_directory_server | 6.0.0.52 | cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.52:*:*:*:*:*:*:* |
References
Related
openvas
openvas
IBM Tivoli Directory Proxy Server Denial of Service Vulnerability
2011-01-21 00:00:00
IBM Tivoli Directory Proxy Server Denial of Service Vulnerability
2011-01-21 00:00:00
cvelist
cvelist
CVE-2010-4217
2010-11-09 20:00:00
nvd
nvd
CVE-2010-4217
2010-11-09 21:00:06
prion
prion
Design/Logic Flaw
2010-11-09 21:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
AI Score
6.7
Confidence
High
EPSS
0.052
Percentile
93.1%
Related for CVE-2010-4217