Description
IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search.
References (2)
Core 2
Core References
Patch x_refsource_confirm
http://www.ibm.com/support/docview.wss?uid=swg24029672
Various Sources vendor-advisory
x_refsource_aixapar
http://www.ibm.com/support/docview.wss?uid=swg1IO11943
Scores
EPSS
0.0088
EPSS Percentile
54.9%
Details
CWE
CWE-20
Status
published
Products (20)
ibm/tivoli_directory_server
6.0
ibm/tivoli_directory_server
6.0.0.0
ibm/tivoli_directory_server
6.0.0.1
ibm/tivoli_directory_server
6.0.0.7
ibm/tivoli_directory_server
6.0.0.8
ibm/tivoli_directory_server
6.0.0.14
ibm/tivoli_directory_server
6.0.0.19
ibm/tivoli_directory_server
6.0.0.33
ibm/tivoli_directory_server
6.0.0.41
ibm/tivoli_directory_server
6.0.0.45
... and 10 more
Published
Apr 21, 2011
Tracked Since
Feb 18, 2026