CVE-2009-5073

EUVD-2009-5028
IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.59 (aka 6.0.0.8-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) by adding a nested group that contains the Distinguished Name (DN) of its parent entry.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
Affected Products (NVD)
VendorProductVersion
ibmtivoli_directory_server
6.0
ibmtivoli_directory_server
6.0.0.0
ibmtivoli_directory_server
6.0.0.1
ibmtivoli_directory_server
6.0.0.7
ibmtivoli_directory_server
6.0.0.8
ibmtivoli_directory_server
6.0.0.14
ibmtivoli_directory_server
6.0.0.19
ibmtivoli_directory_server
6.0.0.33
ibmtivoli_directory_server
6.0.0.41
ibmtivoli_directory_server
6.0.0.45
ibmtivoli_directory_server
6.0.0.52
ibmtivoli_directory_server
6.0.0.53
ibmtivoli_directory_server
6.0.0.54
ibmtivoli_directory_server
6.0.0.55
ibmtivoli_directory_server
6.0.0.56
ibmtivoli_directory_server
6.0.0.57
ibmtivoli_directory_server
6.0.0.58
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg1IO10802
http://www.ibm.com/support/docview.wss?uid=swg24029672
http://www.ibm.com/support/docview.wss?uid=swg1IO10802
http://www.ibm.com/support/docview.wss?uid=swg24029672