CVE-2010-4785

The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) on Linux, Solaris, and Windows allows remote authenticated users to cause a denial of service (ABEND) via a malformed LDAP extended operation that triggers certain comparisons involving the NULL operation OID.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 57%
VendorProductVersion
ibmtivoli_directory_server
6.0
ibmtivoli_directory_server
6.0.0.0
ibmtivoli_directory_server
6.0.0.1
ibmtivoli_directory_server
6.0.0.7
ibmtivoli_directory_server
6.0.0.8
ibmtivoli_directory_server
6.0.0.14
ibmtivoli_directory_server
6.0.0.19
ibmtivoli_directory_server
6.0.0.33
ibmtivoli_directory_server
6.0.0.41
ibmtivoli_directory_server
6.0.0.45
ibmtivoli_directory_server
6.0.0.52
ibmtivoli_directory_server
6.0.0.53
ibmtivoli_directory_server
6.0.0.54
ibmtivoli_directory_server
6.0.0.55
ibmtivoli_directory_server
6.0.0.56
ibmtivoli_directory_server
6.0.0.57
ibmtivoli_directory_server
6.0.0.58
ibmtivoli_directory_server
6.0.0.59
ibmtivoli_directory_server
6.0.0.60
ibmtivoli_directory_server
6.0.0.61
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg1IO11814
http://www.ibm.com/support/docview.wss?uid=swg24029672
http://www.ibm.com/support/docview.wss?uid=swg1IO11814
http://www.ibm.com/support/docview.wss?uid=swg24029672