ID CVE-2009-3089
Summary IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon on Windows and (2) the ibmdiradm daemon in the administration server on Linux, as demonstrated by certain modules in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2006-0717. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
References
Vulnerable Configurations
  • cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
CVSS
Base: 7.8 (as of 01-10-2009 - 04:00)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:C
refmap via4
misc http://intevydis.com/vd-list.shtml
secunia 36565
Last major update 01-10-2009 - 04:00
Published 08-09-2009 - 18:30
Last modified 01-10-2009 - 04:00
Back to Top