November 2005

IBM SECURITY ADVISORY

ID: 01012
Ref: 950/2005
Date: 11 November 2005:14:52:27
Version: 1

Title: IBM SECURITY ADVISORY
Abstract: A vulnerability was discovered in ITDS that allows a remote user to perform unauthorized operations on directory data. ITDS configurations that use SSL only and SSL client server authentication are not vulnerable to this issue.
Vendors affected: IBM
Operating systems affected: IBM
Applications affected: IBM

Title
=====

IBM SECURITY ADVISORY

Detail
======

A vulnerability was discovered in ITDS that allows a remote user to
perform unauthorized operations on directory data. ITDS configurations
that use SSL only and SSL client server authentication are not vulnerable
to this issue.


IBM SECURITY ADVISORY

First Issued: Thu Nov 10 14:29:04 CST 2005
=========================================================================
VULNERABILITY SUMMARY

VULNERABILITY: A remote user can perform unauthorized operations
on directory data.

PLATFORMS: IBM Tivoli Directory Server (ITDS) 5.2.0 and 6.0.0

SOLUTION: Apply the APARs or workaround as described below.

THREAT: A remote user can perform unauthorized operations
on directory data.

CERT VU Number: VU#194753
CVE Number: N/A
=========================================================================
DETAILED INFORMATION


I. Description
===============

A vulnerability was discovered in ITDS that allows a remote user to
perform unauthorized operations on directory data. ITDS configurations
that use SSL only and SSL client server authentication are not vulnerable
to this issue. For more information about this issue, please visit the
following URL:

http://www-306.ibm.com/software/sysmgmt/products/support/Tivoli_Proactive_Notification.html

ITDS ships as the ldap.server fileset. To determine if this fileset is
installed, execute the following command:

# lslpp -L ldap.server

If the fileset is installed it will be listed along with its version
information, state, type and a description. The vulnerable ITDS 5.2.0
fileset versions will be 5.2.0.3 or earlier. The vulnerable ITDS 6.0.0
fileset versions will be 6.0.0.1 or earlier.
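The following shell check is an added example and not part of the IBM advisory: it applies the version test above to an ldap.server fileset level and to "lslpp -L" style output read on stdin, reporting whether an installed level falls in the ranges the advisory marks as vulnerable. The itds_* function names are mine, and the sample lslpp output is constructed in the column layout of lslpp -L rather than taken from a real system.

```shell
#!/bin/sh
# Added example, not code from the IBM advisory: check an installed
# ldap.server fileset level against the vulnerable ranges stated above
# (ITDS 5.2.0 at 5.2.0.3 or earlier, ITDS 6.0.0 at 6.0.0.1 or earlier).

# itds_vulnerable LEVEL
#   prints vulnerable | fixed | other (not an ITDS 5.2.0/6.0.0 level) | unparsable
#   exit status: 0 = vulnerable, 1 = not vulnerable, 2 = unparsable
itds_vulnerable() {
    case "$1" in
        ""|*[!0-9.]*) echo unparsable; return 2 ;;
    esac
    # split a.b.c.d into the function's own positional parameters
    set -- $(printf '%s\n' "$1" | tr '.' ' ')
    [ $# -eq 4 ] || { echo unparsable; return 2; }
    case "$1.$2.$3" in
        5.2.0) max=3 ;;               # advisory: 5.2.0.3 or earlier is vulnerable
        6.0.0) max=1 ;;               # advisory: 6.0.0.1 or earlier is vulnerable
        *)     echo other; return 1 ;;
    esac
    if [ "$4" -le "$max" ]; then echo vulnerable; return 0; fi
    echo fixed; return 1
}

# itds_check_lslpp  (reads "lslpp -L ldap.server" output on stdin)
#   reports every ldap.server fileset line; exit status 0 if any is vulnerable
itds_check_lslpp() {
    found=1
    while read -r fileset level rest; do
        case "$fileset" in
            ldap.server*)
                if itds_vulnerable "$level" >/dev/null; then
                    echo "$fileset $level: VULNERABLE - apply the APAR or the SSL workaround"
                    found=0
                else
                    echo "$fileset $level: not in a vulnerable range"
                fi ;;
        esac
    done
    return $found
}

# Constructed sample in the column layout of lslpp -L (not real system output).
SAMPLE='  Fileset                      Level  State  Type  Description
  ----------------------------------------------------------------------------
  ldap.server.rte            5.2.0.3    C     F    Directory Server
  ldap.server.com            6.0.0.2    C     F    Directory Server Common'

printf '%s\n' "$SAMPLE" | itds_check_lslpp
# On an AIX host:  lslpp -L ldap.server | itds_check_lslpp
```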


II. Impact
==========

A remote user can access, modify and delete data stored in ITDS. This
vulnerability may result in a denial of service or unwanted system
authentications.


III. Solutions
===============

A. Official Fix

IBM provides the following fixes:

ITDS 5.2.0: IO02697 (available)
ITDS 6.0.0: IO02714 (available)

NOTE: Affected customers are urged to upgrade to AIX 5.1.0, 5.2.0 or
5.3.0 at the latest maintenance level.

C. Workaround

Configure ITDS to use SSL only and SSL client server authentication.

IV. Obtaining Fixes
===================

ITDS APARs can be downloaded from:
http://www-306.ibm.com/software/sysmgmt/products/support/

AIX Version 5 APARs can be downloaded from:

http://www-1.ibm.com/servers/eserver/support/pseries/aixfixes.html

Security related Interim Fixes can be downloaded from:

ftp://aix.software.ibm.com/aix/efixes/security


V. Contact Information
=======================

For any questions, support can be obtained by contacting a local call center or
creating a PMR.

A list of country-specific call center phone numbers can be found at:

http://techsupport.services.ibm.com/guides/contacts.html

A PMR can be created through the online support page:

http://www-306.ibm.com/software/support/probsub.html

If you would like to receive AIX Security Advisories via email, please
visit:

https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs

To request the PGP public key that can be used to communicate securely
with the AIX Security Team send email to security-alert@austin.ibm.com
with a subject of "get key". The key can also be downloaded from a PGP
Public Key Server. The key id is 0x9391C1F2.

Please contact your local IBM AIX support center for any assistance.

eServer is a trademark of International Business Machines Corporation.
IBM, AIX and pSeries are registered trademarks of International Business
Machines Corporation. All other trademarks are property of their respective
holders.