Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ibm tivoli_directory_server 双重空漏洞
Vulnerability Description
IBM Tivoli Directory Server (TDS)存在双重空漏洞。远程认证用户造成拒绝服务(异常终止)或可能通过运行ldapadd来企图新建一个ibm-globalAdminGroup LDAP数据库登陆条目的副本来执行任意代码。注意: 厂商指出"没有存在漏洞的实际风险。" 虽然在特定的情况下,用户会被允许发送管理LDAP请求,但是并没有特权去停止服务器。
CVSS Information
N/A
Vulnerability Type
N/A