CVE-2011-1206

IBM Tivoli Directory Server - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) allows remote attackers to execute arbitrary code via a crafted LDAP request. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Francis Provencher · textdoswindows

https://www.exploit-db.com/exploits/17188

View Code ZIP pw:eip

References (15)

Core 15

Core References

Patch x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg24029659

Vendor Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/44184

Patch x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg24029660

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=swg1IO14013

Patch x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg24029672

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/66711

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=swg1IO14045

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=swg1IO14010

Patch x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg24029661

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1025358

Third Party Advisory third-party-advisory x_refsource_sreason

http://securityreason.com/securityalert/8213

Various Sources x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg21496117

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=swg1IO14046

Various Sources vendor-advisory x_refsource_aixapar

http://www.ibm.com/support/docview.wss?uid=swg1IO14009

Patch x_refsource_confirm

http://www.ibm.com/support/docview.wss?uid=swg24029663

Scores

EPSS 0.3800

EPSS Percentile 97.2%

Details

CWE

CWE-119

Status published

Products (50)

ibm/tivoli_directory_server 5.2.0

ibm/tivoli_directory_server 5.2.0.4

ibm/tivoli_directory_server 6.0

ibm/tivoli_directory_server 6.0.0.0

ibm/tivoli_directory_server 6.0.0.1

ibm/tivoli_directory_server 6.0.0.7

ibm/tivoli_directory_server 6.0.0.8

ibm/tivoli_directory_server 6.0.0.14

ibm/tivoli_directory_server 6.0.0.19

ibm/tivoli_directory_server 6.0.0.33

... and 40 more

Published Apr 21, 2011

Tracked Since Feb 18, 2026