IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Buffer Overflow Vulnerabilities

Bugtraq ID:	23264
Class:	Access Validation Error
CVE:	CVE-2007-1868
Remote:	Yes
Local:	No
Published:	Apr 02 2007 12:00AM
Updated:	Jun 04 2007 11:10PM
Credit:	Aaron Portnoy from TippingPoint Security Research Team is credited with discovering these issues.
Vulnerable:	IBM Tivoli Provisioning Manager for OS Deployment 5.1 .116
Not Vulnerable:

IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Buffer Overflow Vulnerabilities

IBM Tivoli Provisioning Manager for OS Deployment is prone to multiple stack-based buffer-overflow issues because the software fails to bounds-check user-supplied input.

An attacker can exploit these issues to execute arbitrary code with SYSTEM-level privileges or to crash services. Successful attacks may result in the complete compromise of affected computers.

IBM Tivoli Provisioning Manager for OS Deployment 5.1.0.116 is vulnerable; other versions may also be affected.

IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Buffer Overflow Vulnerabilities

An exploit is available for one of the issues:

• /data/vulnerabilities/exploits/ibm-ti-pro.py

IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Buffer Overflow Vulnerabilities

Solution:
The vendor has released version 5.1 Fix Pack 2 to address these issues. Please see the references for more information.

IBM Tivoli Provisioning Manager OS Deployment Multiple Stack Buffer Overflow Vulnerabilities

References:

• IBM Tivoli Provisioning Manager Express Homepage (IBM)
  
• IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities (iDefense Labs)
  
• Tivoli Provisioning Manager for OS Deployment Fix Pack 5.1.0-TIV-TPMOSD-FP0002 (IBM)
  
• TPTI-07-05: IBM Tivoli Provisioning Manager for OS Deployment Multiple ([email protected])