Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3567

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2005-3567
Last Modified 07 Mar 2011 12:00:00
Published 16 Nov 2005 02:42:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3567

Summary

slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.

Vulnerable Systems

Application

  • Ibm Tivoli Directory Server 5.2.0

  • Ibm Tivoli Directory Server 6.0


References

CERT-VN - VU#194753

XF - tivoli-directory-bypass-security(22989)

BID - 15367

OSVDB - 20672

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21222159

CONFIRM - http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en

SECTRACK - 1015171

SECUNIA - 17484

VUPEN - ADV-2005-2356

AIXAPAR - IO02714

AIXAPAR - IO02697

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247


Last Updated: 27 May 2016 10:40:58