Tivoli Management Framework
by IBM
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-1220 | 0.08 | — | 0.64 | Jun 2, 2011 | Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field. | ||
| CVE-2011-2330 | 0.00 | — | 0.02 | Jun 2, 2011 | Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220. | ||
| CVE-2005-2170 | 0.00 | — | 0.02 | Jul 11, 2005 | The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data. | ||
| CVE-2002-1012 | 0.00 | — | 0.02 | Oct 4, 2002 | Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | ||
| CVE-2002-1011 | 0.00 | — | 0.02 | Oct 4, 2002 | Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request. | ||
| CVE-2000-1239 | 0.00 | — | 0.00 | Dec 31, 2000 | The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files. |
- CVE-2011-1220Jun 2, 2011risk 0.08cvss —epss 0.64
Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
- CVE-2011-2330Jun 2, 2011risk 0.00cvss —epss 0.02
Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220.
- CVE-2005-2170Jul 11, 2005risk 0.00cvss —epss 0.02
The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data.
- CVE-2002-1012Oct 4, 2002risk 0.00cvss —epss 0.02
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
- CVE-2002-1011Oct 4, 2002risk 0.00cvss —epss 0.02
Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
- CVE-2000-1239Dec 31, 2000risk 0.00cvss —epss 0.00
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.