Vulnerabilities > CVE-2006-0717 - LDAP Memory Corruption vulnerability in IBM Tivoli Directory Server 6.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
IBM Tivoli Directory Server 6.0 allows remote attackers to cause a denial of service (crash) via a crafted LDAP request, as demonstrated by test 2532 in the ProtoVer Sample LDAP test suite.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | IBM Tivoli Directory Server 6.0 Unspecified LDAP Memory Corruption Vulnerability. CVE-2006-0717. Dos exploits for multiple platform |
id | EDB-ID:27196 |
last seen | 2016-02-03 |
modified | 2006-02-11 |
published | 2006-02-11 |
reporter | Evgeny Legerov |
source | https://www.exploit-db.com/download/27196/ |
title | IBM Tivoli Directory Server 6.0 Unspecified LDAP Memory Corruption Vulnerability |
Nessus
NASL family | Denial of Service |
NASL id | TIVOLI_LDAP_DN_LENGTH_DOS.NASL |
description | The remote host appears to be running IBM Tivoli Directory Server, an LDAP directory from IBM. The version of IBM Tivoli Directory Server fails to handle certain malformed search requests. A user can leverage this issue to crash the LDAP server. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 20903 |
published | 2006-02-14 |
reporter | This script is Copyright (C) 2006-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/20903 |
title | IBM Tivoli Directory Server LDAP Packet Handling DoS |
code |
|
References
- http://lists.immunitysec.com/pipermail/dailydave/2006-February/002921.html
- http://secunia.com/advisories/18779
- http://securitytracker.com/id?1015653
- http://www.securityfocus.com/bid/16593
- http://www.vupen.com/english/advisories/2006/0537
- http://www-1.ibm.com/support/docview.wss?uid=swg21230820
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24619