IBM Tivoli Directory Server (TDS) 5.2 prior to 5.2.0.5-TIV-ITDS-LA0007 does not properly handle the simultaneous changing of multiple passwords, which makes it easier for remote authenticated users to cause a denial of service (DB2 daemon deadlock) by making password changes that trigger updates to a DB2 password-history table.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli directory server 5.2.0 |
||
ibm tivoli directory server 5.2.0.4 |