Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tivoli Provisioning Manager <= 5.1.0.2 TFTP PRQ Request Remote DoS

Medium

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running the IBM 'Tivoli Provisioning Manager for OS Deployment'. This version of the software is vulnerable to a flaw in the way that it handles malformed TFTP requests. An attacker exploiting this flaw can cause a crash that would affect all of the Tivoli services on the server. An attacker exploiting this flaw would need to be able to send malformed TFTP requests to the server.

Solution

Upgrade or patch according to vendor recommendations.