IBM Tivoli PMfOSD HTTP Request Method Buffer Overflow Vulnerability
IBM Corp.'s Tivoli Provisioning Manager for OS Deployment is a network boot server that facilitates central management of networked workstations. It implements Preboot Execution Environment (PXE), a Web-based administration service, DHCP, TFTP, and several additional protocols. More information can be found at the following URL.
http://www-306.ibm.com/software/tivoli/products/prov-mgr-os-deploy/
Remote exploitation of a buffer overflow vulnerability in the web server component of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to cause a denial of service condition or potentially execute arbitrary code with SYSTEM privileges.
This vulnerability specifically exists within the logging functionality of the web server component. By making requests with a large HTTP request method, an attacker can cause a static-sized buffer to be overrun with data they supplied.
IBM Corp.'s Tivoli Provisioning Manager for OS Deployment is a network boot server that facilitates central management of networked workstations. It implements Preboot Execution Environment (PXE), a Web-based administration service, DHCP, TFTP, and several additional protocols. More information can be found at the following URL.
http://www-306.ibm.com/software/tivoli/products/prov-mgr-os-deploy/
Remote exploitation of a buffer overflow vulnerability in the web server component of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to cause a denial of service condition or potentially execute arbitrary code with SYSTEM privileges.
This vulnerability specifically exists within the logging functionality of the web server component. By making requests with a large HTTP request method, an attacker can cause a static-sized buffer to be overrun with data they supplied.
全站熱搜
留言列表
資訊安全 (4)
