CVE-2005-3567

Name of the Vulnerable Software and Affected Versions IBM Tivoli Directory Server (ITDS) versions 5.2.0 through 6.0.0

Description The issue allows attackers to bypass authentication and modify or delete directory data. This is possible because the slapd daemon in the affected software binds using SASL EXTERNAL.

Recommendations For versions 5.2.0 through 6.0.0, consider restricting access to the slapd daemon until a fix is available. As a temporary workaround, review and limit the use of SASL EXTERNAL bindings to minimize the risk of exploitation.