← back
CVE-2008-2943

CVE-2008-2943

EPSS 2.4%
Double free vulnerability in IBM Tivoli Directory Server (TDS) 6.1.0.0 through 6.1.0.15 allows remote authenticated administrators to cause a denial of service (ABEND) and possibly execute arbitrary code by using ldapadd to attempt to create a duplicate ibm-globalAdminGroup LDAP database entry. NOTE: the vendor states "There is no real risk of a vulnerability," although there are likely scenarios in which a user is allowed to make administrative LDAP requests but does not have the privileges to stop the server.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/31999unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/30786https://exchange.xforce.ibmcloud.com/vulnerabilities/43465http://www-1.ibm.com/support/docview.wss?uid=swg1IO09113http://www.securityfocus.com/bid/30010http://www.vupen.com/english/advisories/2008/1970