Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
IBM Tivoli Provisioning Manager OS Deployment畸形请求内存破坏漏洞
Vulnerability Description
IBM Tivoli Provisioning Manager for OS Deployment是一款网络引导服务器,方便集中管理联网的工作站。 Tivoli Provisioning Manager for OS Deployment在处理multi part/form-data HTTP POST请求时存在内存破坏漏洞,远程未经认证的攻击者可以通过向管理服务的HTTP(8080)或HTTP-SSL(443)端口发送特制请求来触发这个漏洞,导致拒绝服务或执行任意指令。例如,攻击者可以通过提供超长文件名
CVSS Information
N/A
Vulnerability Type
N/A