CVE-2005-3567

Опубликовано: 16 нояб. 2005

Источник: nvd

CVSS2: 5.8

EPSS Низкий

Описание

slapd daemon in IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0 binds using SASL EXTERNAL, which allows attackers to bypass authentication and modify and delete directory data via unknown attack vectors.

Ссылки

http://secunia.com/advisories/17484
Patch
Vendor Advisory
http://securitytracker.com/id?1015171
Patch
http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247
http://www-1.ibm.com/support/docview.wss?uid=swg21222159
Patch
Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IO02697&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IO02714&apar=only
http://www.kb.cert.org/vuls/id/194753
US Government Resource
http://www.osvdb.org/20672
Patch
http://www.securityfocus.com/bid/15367
Patch
http://www.vupen.com/english/advisories/2005/2356
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/22989
http://secunia.com/advisories/17484
Patch
Vendor Advisory
http://securitytracker.com/id?1015171
Patch
http://www-1.ibm.com/support/docview.wss?rs=767&context=SSVJJU&dc=D400&uid=swg24010819&loc=en_US&cs=UTF-8&lang=en
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=isg1SSRVAIX53SECUR081510_247
http://www-1.ibm.com/support/docview.wss?uid=swg21222159
Patch
Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IO02697&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IO02714&apar=only
http://www.kb.cert.org/vuls/id/194753
US Government Resource

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_directory_server:5.2.0:*:*:*:*:*:*:*

cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*

EPSS

Процентиль: 75%

0.00912

Низкий

5.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-pgj4-m7wx-hrhh

github

почти 4 года назад