IBM Tivoli Directory Server LDAP BER Denial of Service Vulnerability

  1. Network Vulnerabilities
  2. Denial of Service
  3. IBM Tivoli Directory Server LDAP BER Denial of Service Vulnerability
Summary
The host is running IBM Tivoli Directory Server and is prone to denial of service vulnerability.
Impact
Successful exploitation will allow attacker to crash an affected server, creating a denial of service condition. Impact Level: Application
Solution
Apply interim fix 6.0.0.8-TIV-ITDS-IF0007 https://www-304.ibm.com/support/docview.wss?uid=swg1IO13306
Insight
The flaw is due to a validation error when handling BER-encoded LDAP requests and can be exploited to cause a crash via a specially crafted request.
Affected
IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0007
References
Updated on 2015-03-25
Severity
Medium Severity
Classification
Related Vulnerabilities