CVE-2008-2943
Published Jun 30, 2008
Last updated 7 years ago
Overview
- Description
- Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
- Source
- cve@mitre.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 6
- Impact score
- 6.4
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:P/I:P/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2F468434-0317-435A-B2A6-5923A88A090F"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E79197BC-3BDF-4F38-B63F-1B2A658B645F"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7B1402A-B3C3-4210-928F-6EFCCE2DE1CF"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92D48F0B-C9E2-4381-8463-83FF47136EB8"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36308D0C-D92C-4857-A857-097F383EE76C"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A84CEB80-796F-4928-A2A0-73E604543A70"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "462385FC-F345-42EE-ABF0-E1781CC648A9"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F10F3910-5616-41A2-A3BF-18FA4DD68631"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "51C34738-5F9B-43A7-987F-EB805B31119E"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6AA93B63-9D15-4784-8585-DBC139A382E7"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55D84E30-1F23-4A6A-B622-78DBEEBEFB46"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "50C9A7DF-6968-41CC-911A-B746CB43AA82"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EA493E1-F791-4FE5-9F7E-36CAC0D942C2"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F7365156-4EA3-476A-A395-FADEDF1BA80A"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "321B15BC-2653-4B64-A5AE-9FCA6A08713C"
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_directory_server:6.1.0.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A1B527B-E07D-4543-92A6-0EE58CB8FECC"
}
],
"operator": "OR"
}
]
}
]