ID CVE-2007-1868
Summary The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
References
Vulnerable Configurations
  • IBM Tivoli Provisioning Manager OS Deployment 5.1.0.116
    cpe:2.3:a:ibm:tivoli_provisioning_manager_os_deployment:5.1.0.116
CVSS
Base: 10.0 (as of 06-04-2007 - 08:27)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow. CVE-2007-1868. Remote exploit for windows platform
id EDB-ID:16810
last seen 2016-02-02
modified 2010-09-20
published 2010-09-20
reporter metasploit
source https://www.exploit-db.com/download/16810/
title IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
metasploit via4
description This is a stack buffer overflow exploit for IBM Tivoli Provisioning Manager for OS Deployment version 5.1.0.X.
id MSF:EXPLOIT/WINDOWS/HTTP/IBM_TPMFOSD_OVERFLOW
last seen 2019-02-17
modified 2017-07-24
published 2007-05-03
reliability Good
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/ibm_tpmfosd_overflow.rb
title IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
nessus via4
  • NASL family Web Servers
    NASL id IBM_TPMFOSD_CORRUPTION.NASL
    description The remote host is running IBM Tivoli Provisioning Manager for OS Deployment. The version of this software contains multiple unspecified memory corruption vulnerabilities in the HTTP server. A remote attacker may exploit these flaws to crash the service or execute code on the remote host with the privileges of the TPM server.
    last seen 2019-01-16
    modified 2018-07-12
    plugin id 25005
    published 2007-04-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25005
    title IBM Tivoli Provisioning Manager OS Deployment Multiple Unspecified Input Validation Vulnerabilities
  • NASL family Web Servers
    NASL id IBM_TPMFOSD_OVERFLOW.NASL
    description The remote host is running IBM Tivoli Provisioning Manager for OS Deployment. The version of this software has multiple buffer overflow vulnerabilities in the HTTP server. A remote attacker may exploit these flaws to crash the service or execute code on the remote host with the privileges of the TPM server.
    last seen 2019-01-16
    modified 2018-07-12
    plugin id 25149
    published 2007-05-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25149
    title IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Overflows
packetstorm via4
data source https://packetstormsecurity.com/files/download/83093/ibm_tpmfosd_overflow.rb.txt
id PACKETSTORM:83093
last seen 2016-12-05
published 2009-11-26
reporter toto
source https://packetstormsecurity.com/files/83093/IBM-TPM-for-OS-Deployment-5.1.0.x-rembo.exe-Buffer-Overflow.html
title IBM TPM for OS Deployment 5.1.0.x rembo.exe Buffer Overflow
refmap via4
bid 23264
idefense 20070331 IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities
misc http://www-1.ibm.com/support/docview.wss?uid=swg24015347
sectrack 1017840
secunia 24717
vupen ADV-2007-1199
xf tivoli-post-code-execution(33384)
Last major update 05-11-2012 - 22:36
Published 04-04-2007 - 12:19
Last modified 28-07-2017 - 21:31
Back to Top