Denial of service vulnerability in IBM Tivoli Directory Server (TDS) via a malformed LDAP extended operation (Linux)ID: oval:org.secpod.oval:def:2067 | Date: (C)2011-08-30 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) and is prone to a denial of service vulnerability. A flaw is present in the do_extendedOp function in ibmslapd in the application, which fails to handle comparisons involving the NULL operation OID. Successful exploitation could allow attackers to crash the service.
Product: |
IBM Tivoli Directory Server |