Back to CVE Browser

CVE-2008-7287

MEDIUM

4.0

CVSS Severity Score

EPSS Score0.1580%

EPSS Percentile40.45th

PublishedApr 21, 2011

Last ModifiedApr 29, 2026

Vulnerability Description

Multiple memory leaks in the (1) ldap_init and (2) ldap_url_search_direct API functions in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allow remote authenticated users to cause a denial of service (memory consumption) by making many function calls.

Affected Platforms (CPE)

📦

Ibm

Tivoli Directory Server

= 5.2.0

📦

Ibm

Tivoli Directory Server

= 5.2.0.4

References & Advisories

🔗 http://www.ibm.com/support/docview.wss?uid=swg1IO09650

🔗 http://www.ibm.com/support/docview.wss?uid=swg24029663

🔗 http://www.ibm.com/support/docview.wss?uid=swg1IO09650

🔗 http://www.ibm.com/support/docview.wss?uid=swg24029663

Related Vulnerabilities

CVE-2011-120610.0

Stack-based buffer overflow in the server process in ibmslapd.exe in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS...

CVE-2014-391410.0

Directory traversal vulnerability in the Admin Center for Tivoli Storage Manager (TSM) in Rocket ServerGraph 1.2 allows remote att...

CVE-2011-48899.8

The javax.naming.directory.AttributeInUseException class in the Virtual Member Manager in IBM WebSphere Application Server (WAS) 6...

CVE-2009-30897.8

IBM Tivoli Directory Server (TDS) 6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon cr...