Denial of Service Vulnerability in IBM Tivoli Directory Server
CVE-2009-5073

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Directory Server
Vendor: CVE Published:; 21 April 2011

Summary

IBM Tivoli Directory Server versions prior to 6.0.0.59 are susceptible to a denial of service condition. Remote authenticated users can exploit this vulnerability by creating a nested group that includes the Distinguished Name (DN) of its own parent entry, leading to an infinite loop and a potential hang of the server daemon. This poses a significant risk, disrupting normal operations and affecting the availability of the directory services.

References

http://www.ibm.com/support/docview.wss?uid=swg1IO10802

vendor-advisoryx_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg24029672

x_refsource_CONFIRM

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Apr 21, 2011