Denial of Service Vulnerability in IBM Tivoli Directory Server
CVE-2007-6742
Currently unrated
Summary
A vulnerability exists in the get_filter_list function of IBM Tivoli Directory Server 5.2 prior to version 5.2.0.5-TIV-ITDS-LA0006. The function fails to correctly parse certain sub-filters, allowing remote authenticated users to create a malformed search filter. This can trigger an infinite loop, resulting in a denial of service condition that can disrupt normal operations of the server.
References
Timeline
Vulnerability Reserved
Vulnerability published