CVE-2008-2943

Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.13:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.14:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.15:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*

Information

Published : 2008-06-30 14:41

Updated : 2017-08-07 18:31


NVD link : CVE-2008-2943

Mitre link : CVE-2008-2943


JSON object : View

CWE
CWE-399

Resource Management Errors

Advertisement

dedicated server usa

Products Affected

ibm

  • tivoli_directory_server