CVE-2010-4789

Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.65 (aka 6.0.0.8-TIV-ITDS-IF0007) and 6.3 before 6.3.0.1 (aka 6.3.0.0-TIV-ITDS-IF0001) allows remote authenticated users to cause a denial of service (daemon crash) via a paged search that is interrupted by an LDAP Unbind operation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:N/I:N/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 62%
VendorProductVersion
ibmtivoli_directory_server
6.0
ibmtivoli_directory_server
6.0.0.0
ibmtivoli_directory_server
6.0.0.1
ibmtivoli_directory_server
6.0.0.7
ibmtivoli_directory_server
6.0.0.8
ibmtivoli_directory_server
6.0.0.14
ibmtivoli_directory_server
6.0.0.19
ibmtivoli_directory_server
6.0.0.33
ibmtivoli_directory_server
6.0.0.41
ibmtivoli_directory_server
6.0.0.45
ibmtivoli_directory_server
6.0.0.52
ibmtivoli_directory_server
6.0.0.53
ibmtivoli_directory_server
6.0.0.54
ibmtivoli_directory_server
6.0.0.55
ibmtivoli_directory_server
6.0.0.56
ibmtivoli_directory_server
6.0.0.57
ibmtivoli_directory_server
6.0.0.58
ibmtivoli_directory_server
6.0.0.59
ibmtivoli_directory_server
6.0.0.60
ibmtivoli_directory_server
6.0.0.61
ibmtivoli_directory_server
6.0.0.62
ibmtivoli_directory_server
6.0.0.63
ibmtivoli_directory_server
6.0.0.64
ibmtivoli_directory_server
6.3.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.ibm.com/support/docview.wss?uid=swg1IO13364
http://www.ibm.com/support/docview.wss?uid=swg1IO13451
http://www.ibm.com/support/docview.wss?uid=swg24029659
http://www.ibm.com/support/docview.wss?uid=swg24029672
http://www.ibm.com/support/docview.wss?uid=swg1IO13364
http://www.ibm.com/support/docview.wss?uid=swg1IO13451
http://www.ibm.com/support/docview.wss?uid=swg24029659
http://www.ibm.com/support/docview.wss?uid=swg24029672