Vulnerabilities > IBM > Tivoli Provisioning Manager OS Deployment

DATE CVE VULNERABILITY TITLE RISK
2008-01-23 CVE-2008-0401 Buffer Errors vulnerability in IBM Tivoli Provisioning Manager OS Deployment 5.1.0.2
Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an HTTP request with a long method string to port 443/tcp.
network
low complexity
ibm CWE-119
critical
 10.0
10
2007-07-18 CVE-2007-3268 Divide By Zero vulnerability in IBM Tivoli Provisioning Manager OS Deployment 5.1.0.2
The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.
network
low complexity
ibm CWE-369
7.5
7.5
2007-04-04 CVE-2007-1868 Stack Buffer Overflow vulnerability in IBM Tivoli Provisioning Manager OS Deployment 5.1.0.116
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
network
low complexity
ibm
critical
 10.0
10