Vulnerability Description
slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.
CVSS Score
5.8
MEDIUM
AV:A/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Directory Server | 5.2.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/17484PatchVendor Advisory
- http://securitytracker.com/id?1015171Patch
- http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247
- http://www-1.ibm.com/support/docview.wss?uid=swg21222159PatchVendor Advisory
- http://www-1.ibm.com/support/search.wss?rs=0&q=IO02697&apar=only
- http://www-1.ibm.com/support/search.wss?rs=0&q=IO02714&apar=only
- http://www.kb.cert.org/vuls/id/194753US Government Resource
- http://www.osvdb.org/20672Patch
- http://www.securityfocus.com/bid/15367Patch
- http://www.vupen.com/english/advisories/2005/2356Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/22989
- http://secunia.com/advisories/17484PatchVendor Advisory
- http://securitytracker.com/id?1015171Patch
- http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24PatchVendor Advisory
FAQ
What is CVE-2005-3567?
CVE-2005-3567 is a vulnerability with a CVSS score of 5.8 (MEDIUM). slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack ve...
How severe is CVE-2005-3567?
CVE-2005-3567 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3567?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Directory Server.