IBM Tivoli Directory Integrator JSSE Denial of Service

by Carol~ Moderator - 1/29/13 3:03 PM

In Reply to: VULNERABILITIES / FIXES - January 29, 2013 by Carol~ Moderator

IBM Tivoli Directory Integrator JSSE Denial of Service Vulnerability

Release Date : 2013-01-29

Criticality level : Moderately critical
Impact : DoS
Where: From local network
Solution Status: Vendor Patch

Software:
IBM Tivoli Directory Integrator 6.x
IBM Tivoli Directory Integrator 7.x

Description:
IBM has acknowledged a vulnerability in IBM Tivoli Directory Integrator, which can be exploited by malicious people to cause a DoS (Denial of Service).

The vulnerability is reported in versions 6.1.1 and 7.1.

Solution:
Apply APARs.

Original Advisory:
IBM (IO17937, IO17899):
http://www.ibm.com/support/docview.wss?uid=swg1IO17899
http://www.ibm.com/support/docview.wss?uid=swg1IO17937

http://secunia.com/advisories/52009/