>> IBM Tivoli Provisioning Manager for OS Deployment Requests Handling Vulnerabilities
Title : IBM Tivoli Provisioning Manager for OS Deployment Requests Handling Vulnerabilities VUPEN ID : VUPEN/ADV-2007-1199 CVE ID : CVE-2007-1868
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2007-04-03
Technical Description
Two vulnerabilities have been identified in IBM Tivoli Provisioning Manager for OS Deployment, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are due to invalid memory access and memory corruption errors when processing malformed HTTP (port 8080) or HTTPS (port 443) requests, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code with elevated privileges.