Vulnerability Description
The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted SecureWay 3.2 Event Registration Request (aka a 1.3.18.0.2.12.1 request).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Tivoli Directory Server | 6.2 |
| Linux | Linux Kernel | All versions |
Related Weaknesses (CWE)
References
- http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.htExploit
- http://securitytracker.com/id?1023433
- http://intevydis.blogspot.com/2010/01/tivoli-directory-server-62-doextendedop.htExploit
- http://securitytracker.com/id?1023433
FAQ
What is CVE-2010-0312?
CVE-2010-0312 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted ...
How severe is CVE-2010-0312?
CVE-2010-0312 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0312?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Tivoli Directory Server, Linux Linux Kernel.