IBM Tivoli Directory Server Vulnerabilities (credentialed check)
Critical Nessus Plugin ID 53625
SynopsisThe version of IBM Tivoli Directory Server installed on the remote host contains multiple security vulnerabilities.
DescriptionAccording to its version, the installation of IBM Tivoli Directory Server on the remote host is prior to 126.96.36.199, 188.8.131.52, 184.108.40.206, or 220.127.116.11. It is, therefore, affected by one or more of the following vulnerabilities :
- A malicious LDAP request can cause a buffer overrun in the server, allowing an unauthenticated, remote attacker to execute arbitrary code within Tivoli Directory Server's server process. This vulnerability has only been recreated on 32 bit platforms. (IO14010, IO14013, IO14028, IO14046, IO14045)
- A security vulnerability has been identified in Tivoli Directory server. If the Server is configured to audit extended operations with 'Attributes sent on group evaluation extended operation' enabled (ibm-auditAttributesOnGroupEvalOp=TRUE), the audit entries for the group eval extended op will include unmasked values for sensitive data. (IO14023, IO14025, IO14028, IO14043, IO14044)
SolutionInstall the appropriate fix based on the vendor's advisory :