CVE-2007-1868
CVE-2007-1868
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via crafted POST requests to port 8080/tcp or 443/tcp.
Affected products
n/a · n/apublic PoCs found — 1
exploitdbwww.exploit-db.com/exploits/16810unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=498http://secunia.com/advisories/24717https://exchange.xforce.ibmcloud.com/vulnerabilities/33384http://www-1.ibm.com/support/docview.wss?uid=swg24015347http://www.securityfocus.com/bid/23264http://www.securitytracker.com/id?1017840http://www.vupen.com/english/advisories/2007/1199