CVE-2013-6747

IBM GSKit 7.x < 7.0.4.48 and 8.x < 8.0.50.16 - Denial of Service via Malformed X.509 Certificate Chain

Title source: llm
STIX 2.1

Description

IBM GSKit 7.x before 7.0.4.48 and 8.x before 8.0.50.16, as used in IBM Security Directory Server (ISDS) and Tivoli Directory Server (TDS), allows remote attackers to cause a denial of service (application crash or hang) via a malformed X.509 certificate chain.

References (9)

Core 9
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/89863
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21676092
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/56698
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/102556
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/56699
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21662902
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21676091
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21669554
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1029687

Scores

EPSS 0.0224
EPSS Percentile 80.7%

Details

CWE
CWE-20
Status published
Products (8)
ibm/global_security_kit 8.5
ibm/global_security_kit 7.0
ibm/global_security_kit 7.0.4.28
ibm/global_security_kit 7.0.4.29
ibm/global_security_kit 8.0
ibm/global_security_kit 8.0.13
ibm/security_directory_server
ibm/tivoli_directory_server
Published Jan 27, 2014
Tracked Since Feb 18, 2026