Vulnerability Description
IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon on Windows and (2) the ibmdiradm daemon in the administration server on Linux, as demonstrated by certain modules in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2006-0717. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Directory Server | 6.0 |
References
- http://intevydis.com/vd-list.shtml
- http://secunia.com/advisories/36565Vendor Advisory
- http://intevydis.com/vd-list.shtml
- http://secunia.com/advisories/36565Vendor Advisory
FAQ
What is CVE-2009-3089?
CVE-2009-3089 is a vulnerability with a CVSS score of 7.8 (HIGH). IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via unspecified vectors, related to (1) the ibmslapd.exe daemon o...
How severe is CVE-2009-3089?
CVE-2009-3089 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3089?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Directory Server.