VYPR

Tivoli Provisioning Manager OS Deployment

by IBM

CVEs (4)

  • CVE-2007-3268HigJul 18, 2007
    risk 0.49cvss 7.5epss 0.02

    The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a…

  • CVE-2007-1868Apr 4, 2007
    risk 0.08cvss epss 0.59

    The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted…

  • CVE-2008-0401Jan 23, 2008
    risk 0.01cvss epss 0.08

    Buffer overflow in the logging functionality of the HTTP server in IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) before 5.1.0.3 Interim Fix 3 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via an HTTP request…

  • CVE-2010-4121Oct 28, 2010
    risk 0.00cvss epss 0.03

    The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this…