IBM Corporation Information for VU#194753
IBM Tivoli Directory Server may allow unauthorized access
- Vendor Information Help Date Notified: 03 Nov 2005
- Statement Date:
- Date Updated: 17 Nov 2005
A potential security vulnerability has been identified by IBM for the
IBM Tivoli Directory Server (ITDS), version 5.2.0 and 6.0.0.
This information has been updated as of November 7th, 2005
IBM has identified a vulnerability that would allow unauthorized access
to change, modify and/or delete directory data stored in IBM Tivoli
Directory Server. While it is not believed that this vulnerability
exists when the IBM Tivoli Directory Server is set to use SSL only and
SSL Client Server authentication, IBM strongly recommends that all
customers update their installation with the correct fix.
Customers are strongly recommended to apply the appropriate fix as soon
Please refer to the following link for more information:
For any questions, support can be obtained through the following means:
? Local call center - A list of country-specific phone numbers can be
? Create PMR through the online support page:
Please refer to http://www-3.ibm.com/software/sysmgmt/products/support/
for information regarding these options.
The vendor has not provided us with any further information regarding this vulnerability.
Please reference the IBM Security Vulnerability note on this issue for information on updates, fixes, and workarounds.