Unrated severityNVD Advisory· Published Apr 21, 2011· Updated Jun 16, 2026
CVE-2009-5072
CVE-2009-5072
Description
Memory leak in the ldap_explode_dn function in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.61 (aka 6.0.0.8-TIV-ITDS-IF0003) allows remote authenticated users to cause a denial of service (memory consumption) via an empty string argument.
Affected products
20cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*+ 19 more
- cpe:2.3:a:ibm:tivoli_directory_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.33:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.41:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.45:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.52:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.53:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.54:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.55:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.56:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.57:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.58:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.59:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.60:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:tivoli_directory_server:6.0.0.8:*:*:*:*:*:*:*
- (no CPE)range: >=6.0 <6.0.0.61
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.