Intrusion Prevention

IBM.Tivoli.Directory.Server.LDAP.DoS

Description

This indicates a denial of service vulnerability in IBM Tivoli Directory Server.
The vulnerability is caused by an error when the vulnerable software handle a crafted LDAP request. It allows a remote attacker to cause a denial of service via a crafted LDAP request.

Affected Products

IBM Directory Server version 4.1
IBM Directory Server version 5.1
IBM Directory Server version 5.2
IBM Directory Server version 6.0

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Interim fix for IBM Tivoli Directory Server version 6.0 :
http://www-1.ibm.com/support/docview.wss?uid=swg24011701
Fix Pack 5.1.0-TIV-ITDS-FP0004 for IBM Tivoli Directory Server version 5.1 :
http://www-1.ibm.com/support/docview.wss?uid=swg24011969

CVE References

CVE-2006-0717