CVE-2008-0401

Name of the Vulnerable Software and Affected Versions IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) versions prior to 5.1.0.3 Interim Fix 3

Description The issue is related to a buffer overflow in the logging functionality of the HTTP server. This can be triggered by remote attackers sending an HTTP request with a long method string to port 443/tcp, potentially causing a denial of service (daemon crash) or possibly allowing the execution of arbitrary code.

Recommendations For versions prior to 5.1.0.3 Interim Fix 3, update to version 5.1.0.3 Interim Fix 3 or later to resolve the issue. As a temporary workaround, consider restricting access to the HTTP server on port 443/tcp to minimize the risk of exploitation.