CVE-2008-7290

CWE-3993 documents3 sources
Severity
4.0MEDIUM
EPSS
0.4%
top 41.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Tivoli Directory Server
Timeline
PublishedApr 21
Latest updateMay 17

Description

Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-LA0007 allows remote authenticated users to cause a denial of service (memory consumption) by making many function calls.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/tivoli_directory_server5.2.0, 5.2.0.4+1

Patches

Patch: www.ibm.comPatch: www.ibm.com

🔴Vulnerability Details

2
GHSA
GHSA-v52f-q648-c264: Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 52022-05-17
CVEList
CVE-2008-7290: Memory leak in the ldap_explode_rdn API function in IBM Tivoli Directory Server (TDS) 52011-04-21
CVE-2008-7290 (MEDIUM CVSS 4) | Memory leak in the ldap_explode_rdn | cvebase.io