CVE-2001-1310 Information

Description

IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings for the L field of a BER encoding as demonstrated by the PROTOS LDAPv3 test suite.

Reference

http://ciac.llnl.gov/ciac/bulletins/l-116.shtml http://www.cert.org/advisories/CA-2001-18.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3/ http://www.kb.cert.org/vuls/id/505564 http://www.kb.cert.org/vuls/id/CFCR-4YQ33Y http://www.securityfocus.com/bid/3040 https://exchange.xforce.ibmcloud.com/vulnerabilities/6894