QwikSec

Security Database

CVE

CWE

Training

CVE-2011-1820

Published: Apr 21, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

IBM Tivoli Directory Server (TDS) 5.2 before 5.2.0.5-TIV-ITDS-IF0010, 6.0 before 6.0.0.67 (aka 6.0.0.8-TIV-ITDS-IF0009), 6.1 before 6.1.0.40 (aka 6.1.0.5-TIV-ITDS-IF0003), 6.2 before 6.2.0.16 (aka 6.2.0.3-TIV-ITDS-IF0002), and 6.3 before 6.3.0.3 (aka 6.3.0.0-TIV-ITDS-IF0003) does not properly handle the ibm-auditAttributesOnGroupEvalOp setting for auditing of extended operations, which might allow attackers to obtain sensitive information by reading the audit log.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.ibm.com/support/docview.wss?uid=swg24029659

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

vendor-advisory

x_refsource_AIXAPAR

vendor-advisory

x_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg24029660

x_refsource_CONFIRM

vendor-advisory

x_refsource_AIXAPAR

vendor-advisory

x_refsource_AIXAPAR

http://www.ibm.com/support/docview.wss?uid=swg24029672

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg24029661

x_refsource_CONFIRM

vendor-advisory

x_refsource_AIXAPAR

vdb-entry

x_refsource_SECTRACK

ibm-tds-proxyserver-info-disclosure(66712)

vdb-entry

x_refsource_XF

http://www.ibm.com/support/docview.wss?uid=swg21496086

x_refsource_CONFIRM

http://www.ibm.com/support/docview.wss?uid=swg24029663

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.