Intrusion Prevention

IBM.Tivoli.Provisioning.Manager.OS.Deployment.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer-overflow vulnerability in IBM Tivoli Provisioning Manager for OS Deployment.
The vulnerability is caused by a boundary error in rembo.exe when the vulnerable software handles an HTTP request with an overly long URI. A remote attacker may send a crafted HTTP request to execute arbitrary code.

Affected Products

The vulnerabilities are reported in version 5.1.0.116. Other versions may also be affected.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for the suggested workaround:
http://www-1.ibm.com/support/docview.wss?uid=swg24015664

CVE References

CVE-2007-1868