Secunia, via Help Net Security, have reported that IBM’s Tivoli Directory Server (versions 6.1, 6.2 and 6.3) has been found to have multiple vulnerabilities in-the-wild.
Depending on how the product is attacked, the vulnerability can either disclose sensitive information, or be used to produce a DoS, resulting in compromise of the system.
The root-cause appears to be the bundling of a buggy version of IBM Java and a stack-based buffer overflow issue within ibmslapd.exe, resulting in an exploit being able to run arbitrary code.
The sensitive information disclosure results in clear-text passwords being revealed in audit logs, when the server is configured to have extended logging.
IBM are aware of the issue, and are expected to provide security patches which should be applied as soon as they are available.
In the meantime, it is recommend that extended logging in TDS Proxy Server be turned off until the patches are available.
We think you'd also like: