IBM Tivoli Provisioning Manager for OS Deployment TFTPD Malformed PRQ Request DoS

Medium Nessus Plugin ID 25738


A service on the remote host is prone to a denial of service attack.


The remote host is running IBM Tivoli Provisioning Manager for OS Deployment, for remote deployment and management of operating systems.

The TFTPD component of the version of this software installed on the remote host does not handle read requests with an invalid 'blksize' argument. An unauthenticated attacker can leverage this issue to trigger a divide-by-zero error and cause the 'rembo.exe' service to exit.
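The missing check that the description points to, written as an added example (not IBM's code and not part of the Nessus plugin): a read-request parser that refuses a 'blksize' outside the RFC 2348 range of 8 to 65464 before the value is ever used as a divisor. The function names, the sample packets and the file name boot.img are constructed for illustration.

```c
#include <stdlib.h>
#include <string.h>
#include <strings.h>

#define BLKSIZE_DEFAULT 512   /* RFC 1350 block size when no option is sent */
#define BLKSIZE_MIN 8         /* RFC 2348 lower bound */
#define BLKSIZE_MAX 65464     /* RFC 2348 upper bound */
/* Constructed sample read requests (not captured traffic). */
static const unsigned char RRQ_OK[]  = "\0\1boot.img\0octet\0blksize\0" "1428";
static const unsigned char RRQ_BAD[] = "\0\1boot.img\0octet\0blksize\0" "0";

/* Return the next NUL-terminated field in [*p, end), or NULL if unterminated. */
static const char *next_field(const unsigned char **p, const unsigned char *end)
{
    const unsigned char *s = *p;
    const unsigned char *nul = s < end ? memchr(s, 0, (size_t)(end - s)) : NULL;
    if (nul == NULL) return NULL;
    *p = nul + 1;
    return (const char *)s;
}

/* Block size to use for an RRQ, or -1 if the request must be refused. */
long rrq_blksize(const unsigned char *pkt, size_t len)
{
    long blksize = BLKSIZE_DEFAULT;
    if (len < 4 || pkt[0] != 0 || pkt[1] != 1) return -1;   /* opcode 1 = RRQ */
    const unsigned char *p = pkt + 2, *end = pkt + len;
    if (!next_field(&p, end) || !next_field(&p, end)) return -1; /* file, mode */
    while (p < end) {
        const char *name = next_field(&p, end), *value;
        char *stop;
        if (name == NULL || (value = next_field(&p, end)) == NULL) return -1;
        if (strcasecmp(name, "blksize") != 0) continue;  /* other options ignored */
        long v = strtol(value, &stop, 10);
        if (*value == '\0' || *stop != '\0' || v < BLKSIZE_MIN || v > BLKSIZE_MAX)
            return -1;            /* empty, non-numeric, zero or out of range */
        blksize = v;
    }
    return blksize;
}

/* DATA packets for a file, or -1; the divisor was range-checked, so never zero. */
long data_packets(const unsigned char *pkt, size_t len, long file_size)
{
    long blksize = rrq_blksize(pkt, len);
    return blksize < 0 ? -1 : file_size / blksize + 1;
}

int main(void) { return data_packets(RRQ_OK, sizeof RRQ_OK, 4096) == 3 ? 0 : 1; }
```

A server built this way answers a refused request with a TFTP ERROR packet instead of starting the transfer.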


Upgrade to Tivoli Provisioning Manager for OS Deployment, Fix Pack 3 (version or later.

Plugin Details

Severity: Medium

ID: 25738

File Name: ibm_tpmfosd_tftpd_blocksize_dos.nasl

Version: $Revision: 1.16 $

Type: remote

Agent: windows

Family: Windows

Published: 2007/07/19

Modified: 2013/04/15

Dependencies: 11819, 10107

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_provisioning_manager_os_deployment

Required KB Items: Services/udp/tftp

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2007/07/17

Vulnerability Publication Date: 2007/07/18

Reference Information

CVE: CVE-2007-3268

BID: 24942

OSVDB: 38160