|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=647
|
| |
Vulnerable Systems:
* IBM Tivoli Provisioning Manager for OS Deployment version 5.1.0.3
Immune Systems:
* IBM Tivoli Provisioning Manager for OS Deployment version 5.1.0.3 Interim Fix 3
This vulnerability specifically exists within the logging functionality of the web server component. By making requests with a large HTTP request method, an attacker can cause a static-sized buffer to be overrun with data they supplied.
Analysis:
Exploitation allows an attacker to cause a denial of service condition or potentially execute arbitrary code with SYSTEM privileges.
In order to exploit this vulnerability, an attacker must be able to establish a session on TCP port 443 with target machine. No credentials are required to trigger the vulnerable code path.
Vendor response:
The IBM Tivoli team has addressed this vulnerability within Tivoli Provisioning Manager for OS Deployment Interim Fix 3, Version 5.1.0.3. More information is available from IBM Document swg24018010 at the following URL: http://www-1.ibm.com/support/docview.wss?uid=swg24018010
CVE Information:
CVE-2008-0401
Disclosure Timeline:
10/24/2007 - Initial vendor notification
10/24/2007 - Initial vendor response
01/22/2008 - Coordinated public disclosure
|
|
|
|
|
