IBM Tivoli Directory Server Null Pointer Dereference DoS Vulnerability
Date Discovered: 01/14/2009
Severity: High
Applications Affected: IBM Tivoli Directory Server 6.2
Type: Remote
Identifiers: CVE-2010-0312
Synopsis
IBM Tivoli Directory Server is prone to a remote denial-of-service vulnerability, which could be exploited to cause a denial-of-service condition in the security context of the logged-in user.
Recommended Actions
Allow only trusted users.
Threat Analysis
IBM Tivoli Directory Server, previously known as IBM Directory Server, is a powerful and security-rich enterprise directory for business intranets and the Internet.
IBM Tivoli Directory Server is prone to a remote denial-of-service vulnerability. The vulnerability exists in the "do_extendedOp" function of ibmslapd in IBM Tivoli Directory Server and is triggered by a crafted SecureWay Event Registration Request. Successful exploitation allows remote attackers to crash the target ibmslapd daemon, resulting in a denial-of-service condition.
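
Added example, not part of the original advisory and not IBM code: one way to monitor the recommended action is to flag LDAP extended operations, the request type that do_extendedOp handles, when they arrive from clients outside a trusted set. It assumes the request travels as a standard RFC 4511 ExtendedRequest; the function names, the trusted network list and the sample message (a constructed StartTLS request) are illustrative assumptions.

```python
import ipaddress
EXTENDED_REQUEST = 0x77  # [APPLICATION 23] ExtendedRequest, constructed (RFC 4511)
REQUEST_NAME = 0x80      # [0] requestName, primitive

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for one BER element, bounds-checked."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                      # short-form length
        length = first
    else:                                 # long-form length, 1 to 4 bytes
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def extended_request_oid(message):
    """Return the requestName OID of an ExtendedRequest, or None for other ops."""
    tag, body, _ = read_tlv(message, 0)   # LDAPMessage SEQUENCE
    id_tag, _, pos = read_tlv(body, 0)    # messageID INTEGER
    if tag != 0x30 or id_tag != 0x02:
        raise ValueError("not an LDAPMessage")
    tag, op, _ = read_tlv(body, pos)      # protocolOp
    if tag != EXTENDED_REQUEST:
        return None
    tag, name, _ = read_tlv(op, 0)
    if tag != REQUEST_NAME:
        raise ValueError("ExtendedRequest without requestName")
    return name.decode("ascii")

def should_alert(src_ip, message, trusted_nets):
    """True for malformed LDAP, or an extended operation from an untrusted source."""
    try:
        oid = extended_request_oid(message)
    except ValueError:                    # also covers a non-ASCII requestName
        return True
    if oid is None:
        return False
    addr = ipaddress.ip_address(src_ip)
    return not any(addr in ipaddress.ip_network(n) for n in trusted_nets)

# Constructed sample: messageID 1, ExtendedRequest carrying the StartTLS OID.
SAMPLE_STARTTLS = b"\x30\x1d\x02\x01\x01\x77\x18\x80\x16" + b"1.3.6.1.4.1.1466.20037"
```

Feed it reassembled LDAP PDUs from a network sensor or proxy; the trusted list should mirror whatever access control enforces "trusted users" on the directory itself.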