The get_filter_list function in IBM Tivoli Directory Server (TDS) 5.2 prior to 5.2.0.5-TIV-ITDS-LA0006 does not properly perform certain sub filter parsing, which allows remote authenticated users to cause a denial of service (infinite loop) via a malformed search filter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli directory server 5.2.0 |
||
ibm tivoli directory server 5.2.0.4 |