Vulnerabilities > IBM > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-04-21 | CVE-2011-1821 | Resource Management Errors vulnerability in IBM Tivoli Directory Server 5.2.0/5.2.0.4 IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010 on Windows allows remote authenticated users to cause a denial of service (daemon hang) via a cn=changelog search. | 4.0 |
| 2011-04-21 | CVE-2010-4789 | Resource Management Errors vulnerability in IBM Tivoli Directory Server Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation. | 4.0 |
| 2011-04-21 | CVE-2010-4788 | Improper Input Validation vulnerability in IBM Tivoli Directory Server IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search. | 4.0 |
| 2011-04-21 | CVE-2010-4787 | Resource Management Errors vulnerability in IBM Tivoli Directory Server IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon hang) via a paged search that triggers improper mutex processing. | 4.0 |
| 2011-04-21 | CVE-2010-4786 | Resource Management Errors vulnerability in IBM Tivoli Directory Server IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote authenticated users to cause a denial of service (daemon crash or hang) via a paged search, as demonstrated by a certain idsldapsearch command, related to an improper ibm-slapdIdleTimeOut configuration setting. | 4.0 |
| 2011-04-21 | CVE-2010-4785 | Resource Management Errors vulnerability in IBM Tivoli Directory Server The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID. | 4.0 |
| 2011-04-21 | CVE-2009-5073 | Resource Management Errors vulnerability in IBM Tivoli Directory Server IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its parent entry. | 4.0 |
| 2011-04-21 | CVE-2009-5072 | Resource Management Errors vulnerability in IBM Tivoli Directory Server Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument. | 4.0 |
| 2011-04-21 | CVE-2008-7290 | Resource Management Errors vulnerability in IBM Tivoli Directory Server 5.2.0/5.2.0.4 Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls. | 4.0 |
| 2011-04-21 | CVE-2008-7289 | Improper Input Validation vulnerability in IBM Tivoli Directory Server 5.2.0/5.2.0.4 IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 does not properly handle the simultaneous changing of multiple passwords, which makes it easier for remote authenticated users to cause a denial of service (DB2 daemon deadlock) by making password changes that trigger updates to a DB2 password-history table. | 4.0 |