CVE-2008-7287

Name of the Vulnerable Software and Affected Versions IBM Tivoli Directory Server version 5.2 before 5.2.0.5-TIV-ITDS-LA0007

Description The issue is related to multiple memory leaks in the ldap init and ldap url search direct API functions. This can be exploited by remote authenticated users to cause a denial of service by consuming memory through many function calls.

Recommendations For IBM Tivoli Directory Server version 5.2 before 5.2.0.5-TIV-ITDS-LA0007, update to version 5.2.0.5-TIV-ITDS-LA0007 or later to resolve the issue. As a temporary workaround, consider restricting access to the ldap init and ldap url search direct API functions to minimize the risk of exploitation.