Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0401

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0401
Last Modified 07 Mar 2011 10:04:39
Published 23 Jan 2008 07:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0401

Summary

Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an HTTP request with a long method string to port 443/tcp.

Vulnerable Systems

Application

  • Ibm Tivoli Provisioning Manager Os Deployment 5.1.0.2


References

CERT-VN - VU#158609

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg24018010

XF - tivoli-provisioning-http-unspecified(39819)

VUPEN - ADV-2008-0239

SECTRACK - 1019249

BID - 27387

SECUNIA - 28604

IDEFENSE - 20080122 IBM Tivoli PMfOSD HTTP Request Method Buffer Overflow Vulnerability


Last Updated: 27 May 2016 10:46:47