Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-06-30T21:00:00
Updated: 2024-08-07T09:21:34.486Z
Reserved: 2008-06-30T00:00:00
Link: CVE-2008-2943
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-06-30T21:41:00.000
Modified: 2024-11-21T00:48:04.290
Link: CVE-2008-2943
Redhat
No data.