Executive Summary

Summary
Title IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) allows buffer overflow via HTTP request
Informations
Name VU#158609 First vendor Publication 2008-03-06
Vendor VU-CERT Last vendor Modification 2008-03-06
Severity (Vendor) N/A Revision M

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Vulnerability Note VU#158609

IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) allows buffer overflow via HTTP request

Overview

The IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) contains a buffer overflow vulnerability in the web server component. This vulnerability may allow an attacker to execute arbitrary code with SYSTEM privileges or cause a denial of service.

I. Description

IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) is a network boot server that facilitates central management of networked workstations. IBM TPMfOSD contains a buffer overflow vulnerability within the logging functionality of the web server component. A remote, unauthenticated attacker may be able to exploit this vulnerability by sending a specially crafted HTTPS (443/TCP) request to a target machine.

II. Impact

A remote, unauthenticated attacker could execute arbitrary code with SYSTEM privileges or crash the server process, causing a denial of service.

III. Solution

Apply an Update

IBM has released Interim Fix 3 Version 5.1.0.3 to address this issue.

Block or Restrict Access

Block or restrict access to the web server component from untrusted hosts and networks.

Systems Affected

VendorStatusDate Updated
IBM CorporationVulnerable6-Mar-2008

References


http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=647
http://www-1.ibm.com/support/docview.wss?uid=swg24018010
http://securitytracker.com/alerts/2008/Jan/1019249.html
http://www.securityfocus.com/bid/27387
http://secunia.com/advisories/28604

Credit

Thanks to iDefense Labs for reporting this vulnerability.

This document was written by John Hollenberger.

Other Information

Date Public01/24/2008
Date First Published03/06/2008 10:35:30 AM
Date Last Updated03/06/2008
CERT Advisory 
CVE NameCVE-2008-0401
US-CERT Technical Alerts 
Metric8.17
Document Revision17

Original Source

Url : http://www.kb.cert.org/vuls/id/158609

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1

SAINT Exploits

Description Link
Tivoli Provisioning Manager for OS Deployment HTTP server buffer overflow More info here

Open Source Vulnerability Database (OSVDB)

Id Description
40481 IBM Tivoli Provisioning Manager OS Deployment HTTP Server Logging Functionali...

Snort® IPS/IDS

Date Description
2014-01-10 IBM Tivoli Provisioning Manager long URI request buffer overflow attempt
RuleID : 18582 - Revision : 6 - Type : SERVER-OTHER
2014-01-10 IBM Tivoli Provisioning Manager long URI request buffer overflow attempt
RuleID : 18581 - Revision : 6 - Type : SERVER-OTHER
2014-01-10 IBM Tivoli Provisioning Manager long URI request buffer overflow attempt
RuleID : 16216 - Revision : 11 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2008-02-13 Name : The remote web server is prone to a buffer overflow attack.
File : ibm_tpmfosd_5103_if3.nasl - Type : ACT_GATHER_INFO