IBM Tivoli Management Framework Endpoint缓冲区溢出漏洞

漏洞信息详情

IBM Tivoli Management Framework Endpoint缓冲区溢出漏洞

• CNNVD编号：CNNVD-200210-010
• 危害等级： 高危
  
  
• CVE编号：
  CVE-2002-1011
  
• 漏洞类型：
  
  
  缓冲区溢出
  
• 发布时间：
  
  2002-10-04
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2005-10-20
  
• 厂        商：
  
  ibm
• 漏洞来源：
  Discovered by Mark…

Tivoli Management Framework (TMF) Endpoint 3.6.x到3.7.1且在Fixpack 2之前的版本的web服务器存在缓冲区溢出漏洞。远程攻击者借助超长HTTP GET请求导致服务拒绝或者执行任意代码。

IBM has corrected this vulnerability in the latest Fixpack (currently Fixpack 2 or Patches 3.7.1-TMF-0066).
The following fixes were reported available by the discoverer of this vulnerability. They have not been confirmed by SecurityFocus:
IBM Tivoli Management Framework 3.6

• IBM Tivoli Fixpack 2Contact IBM support to obtain this Fixpack.
  

IBM Tivoli Management Framework 3.6.1

• IBM Tivoli Fixpack 2Contact IBM support to obtain this Fixpack.
  

IBM Tivoli Management Framework 3.7

• IBM Tivoli Fixpack 2Contact IBM support to obtain this Fixpack.
  

IBM Tivoli Management Framework 3.7.1

• IBM Patches 3.7.1-TMF-0066
  
• IBM Tivoli Fixpack 2Contact IBM support to obtain this Fixpack.
  

来源: BID
名称: 5235
链接:http://www.securityfocus.com/bid/5235

来源: XF
名称: tivoli-tmr-endpoint-bo(9555)
链接:http://www.iss.net/security_center/static/9555.php

来源: www.tivoli.com
链接:http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html

来源: BUGTRAQ
名称: 20020715 Tivoli TMF Endpoint Buffer Overflow
链接:http://online.securityfocus.com/archive/1/282292

来源: VULNWATCH
名称: 20020715 Tivoli TMF Endpoint Buffer Overflow
链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html