5.2.0.4

CVSS 4.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

SINGLE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ibm

CWE-399

NVD

Published: 2011-04-21

Updated: 2011-04-21

Summary

Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Tivoli Directory Server 5.2.0 IBM Tivoli Directory Server 5.2.0.4	2

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

http://www.ibm.com/support/docview.wss?uid=swg1IO09650
http://www.ibm.com/support/docview.wss?uid=swg24029663