VYPR
Unrated severityNVD Advisory· Published Apr 21, 2011· Updated Jun 16, 2026

CVE-2009-5072

CVE-2009-5072

Description

Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument.

Affected products

20
  • cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.14:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.19:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.33:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.41:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.45:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.52:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.53:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.54:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.55:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.56:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.57:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.58:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.59:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.60:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.8:*:*:*:*:*:*:*
    • (no CPE)range: >=6.0 <6.0.0.61

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.