cvelistv5 - cve-2007-3268

CVE-2007-3268 (GCVE-0-2007-3268)

Vulnerability from cvelistv5 – Published: 2007-07-18 23:00 – Updated: 2024-08-07 14:14

Summary

The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www3.software.ibm.com/ibmdl/pub/software/t…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/2560	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/26093	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/24942	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://labs.idefense.com/intelligence/vulnerabili…	third-party-advisoryx_refsource_IDEFENSE
	http://securitytracker.com/id?1018401	vdb-entryx_refsource_SECTRACK
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:14:12.503Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
          },
          {
            "name": "ADV-2007-2560",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2560"
          },
          {
            "name": "26093",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26093"
          },
          {
            "name": "24942",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24942"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
          },
          {
            "name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
          },
          {
            "name": "1018401",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018401"
          },
          {
            "name": "tivoli-rembo-dos(35468)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
        },
        {
          "name": "ADV-2007-2560",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2560"
        },
        {
          "name": "26093",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26093"
        },
        {
          "name": "24942",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24942"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
        },
        {
          "name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
        },
        {
          "name": "1018401",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018401"
        },
        {
          "name": "tivoli-rembo-dos(35468)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-3268",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM",
              "refsource": "CONFIRM",
              "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
            },
            {
              "name": "ADV-2007-2560",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2560"
            },
            {
              "name": "26093",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26093"
            },
            {
              "name": "24942",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24942"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
            },
            {
              "name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
            },
            {
              "name": "1018401",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018401"
            },
            {
              "name": "tivoli-rembo-dos(35468)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-3268",
    "datePublished": "2007-07-18T23:00:00",
    "dateReserved": "2007-06-19T00:00:00",
    "dateUpdated": "2024-08-07T14:14:12.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ibm:tivoli_provisioning_manager_os_deployment:5.1.0.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71256B8E-D2BE-4AED-9CC3-F62ADAF71AE0\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.\"}, {\"lang\": \"es\", \"value\": \"La implementaci\\u00f3n TFTP en IBM Tivoli Provisioning Manager para OS Deployment 5.1 anterior a Fix Pack 3 permite a atacantes remotos provocar denegaci\\u00f3n de servicio (caida de rembo.exe y apag\\u00f3n de m\\u00faltiples servicios) a trav\\u00e9s de una lectura de respuesta (RQD) con un  tama\\u00f1o de bloque (blksize) inv\\u00e1lido, que dispara un error de divisi\\u00f3n por cero.\"}]",
      "id": "CVE-2007-3268",
      "lastModified": "2024-11-21T00:32:48.880",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-07-18T23:30:00.000",
      "references": "[{\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26093\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1018401\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=swg24016347\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/24942\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2560\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35468\", \"source\": \"cve@mitre.org\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}, {\"url\": \"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/26093\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1018401\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www-1.ibm.com/support/docview.wss?uid=swg24016347\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\"]}, {\"url\": \"http://www.securityfocus.com/bid/24942\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2560\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/35468\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"VDB Entry\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-369\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2007-3268\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-18T23:30:00.000\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.\"},{\"lang\":\"es\",\"value\":\"La implementaci\u00f3n TFTP en IBM Tivoli Provisioning Manager para OS Deployment 5.1 anterior a Fix Pack 3 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de rembo.exe y apag\u00f3n de m\u00faltiples servicios) a trav\u00e9s de una lectura de respuesta (RQD) con un  tama\u00f1o de bloque (blksize) inv\u00e1lido, que dispara un error de divisi\u00f3n por cero.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-369\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ibm:tivoli_provisioning_manager_os_deployment:5.1.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71256B8E-D2BE-4AED-9CC3-F62ADAF71AE0\"}]}]}],\"references\":[{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/26093\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018401\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg24016347\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/24942\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2560\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35468\",\"source\":\"cve@mitre.org\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]},{\"url\":\"http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/26093\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018401\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www-1.ibm.com/support/docview.wss?uid=swg24016347\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/24942\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2560\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/35468\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"VDB Entry\",\"Vendor Advisory\"]}]}}"
  }
}

CERTA-2007-AVI-320

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été découverte dans le produit Provisioning Manager d'IBM Tivoli. L'exploitation de cette vulnérabilité provoque un déni de tous les services fonctionnant sur la plate-forme.

Description

Une vulnérabilité due à la mauvaise gestion d'une division par zéro dans le Provisioning Manager d'IBM Tivoli a été découverte. L'exploitation à distance de cette vulnérabilité via un paquet UDP spécialement construit à destination du port 69 provoque un déni de service de toutes les fonctionalités de la machine vulnérable, telles que TFTP, HTTP, HTTPS, DHCP, ...

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Tivoli Provisioning Manager for OS Deployment version 5.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de mise à jour d'IBM numéro 4016347	None	vendor-advisory
Bulletin de sécurité IBM swg24016347 du 11 juillet 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eIBM Tivoli  Provisioning Manager for OS Deployment\u003c/SPAN\u003e version 5.1.",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 due \u00e0 la mauvaise gestion d\u0027une division par z\u00e9ro dans\nle Provisioning Manager d\u0027IBM Tivoli a \u00e9t\u00e9 d\u00e9couverte. L\u0027exploitation \u00e0\ndistance de cette vuln\u00e9rabilit\u00e9 via un paquet UDP sp\u00e9cialement construit\n\u00e0 destination du port 69 provoque un d\u00e9ni de service de toutes les\nfonctionalit\u00e9s de la machine vuln\u00e9rable, telles que TFTP, HTTP, HTTPS,\nDHCP, ...\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3268"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg24016347 du 11 juillet 2007 :",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
    }
  ],
  "reference": "CERTA-2007-AVI-320",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le produit \u003cspan\nclass=\"textit\"\u003eProvisioning Manager\u003c/span\u003e d\u0027IBM Tivoli. L\u0027exploitation\nde cette vuln\u00e9rabilit\u00e9 provoque un d\u00e9ni de tous les services\nfonctionnant sur la plate-forme.\n",
  "title": "Vuln\u00e9rabilit\u00e9 d\u0027IBM Tivoli Provisioning Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour d\u0027IBM num\u00e9ro 4016347",
      "url": null
    }
  ]
}

CERTA-2007-AVI-320

Vulnerability from certfr_avis - Published: - Updated:

Description

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

IBM Tivoli Provisioning Manager for OS Deployment version 5.1.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de mise à jour d'IBM numéro 4016347	None	vendor-advisory
Bulletin de sécurité IBM swg24016347 du 11 juillet 2007 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cSPAN class=\"textit\"\u003eIBM Tivoli  Provisioning Manager for OS Deployment\u003c/SPAN\u003e version 5.1.",
  "content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 due \u00e0 la mauvaise gestion d\u0027une division par z\u00e9ro dans\nle Provisioning Manager d\u0027IBM Tivoli a \u00e9t\u00e9 d\u00e9couverte. L\u0027exploitation \u00e0\ndistance de cette vuln\u00e9rabilit\u00e9 via un paquet UDP sp\u00e9cialement construit\n\u00e0 destination du port 69 provoque un d\u00e9ni de service de toutes les\nfonctionalit\u00e9s de la machine vuln\u00e9rable, telles que TFTP, HTTP, HTTPS,\nDHCP, ...\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-3268",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-3268"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 IBM swg24016347 du 11 juillet 2007 :",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
    }
  ],
  "reference": "CERTA-2007-AVI-320",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-07-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans le produit \u003cspan\nclass=\"textit\"\u003eProvisioning Manager\u003c/span\u003e d\u0027IBM Tivoli. L\u0027exploitation\nde cette vuln\u00e9rabilit\u00e9 provoque un d\u00e9ni de tous les services\nfonctionnant sur la plate-forme.\n",
  "title": "Vuln\u00e9rabilit\u00e9 d\u0027IBM Tivoli Provisioning Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de mise \u00e0 jour d\u0027IBM num\u00e9ro 4016347",
      "url": null
    }
  ]
}

FKIE_CVE-2007-3268

Vulnerability from fkie_nvd - Published: 2007-07-18 23:30 - Updated: 2025-04-09 00:30

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560	Broken Link, Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/26093	Broken Link, Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018401	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg24016347	Broken Link, Patch
cve@mitre.org	http://www.securityfocus.com/bid/24942	Broken Link, Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2560	Broken Link
cve@mitre.org	http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/35468	VDB Entry, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26093	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018401	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg24016347	Broken Link, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24942	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2560	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/35468	VDB Entry, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	tivoli_provisioning_manager_os_deployment	5.1.0.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:tivoli_provisioning_manager_os_deployment:5.1.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "71256B8E-D2BE-4AED-9CC3-F62ADAF71AE0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n TFTP en IBM Tivoli Provisioning Manager para OS Deployment 5.1 anterior a Fix Pack 3 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de rembo.exe y apag\u00f3n de m\u00faltiples servicios) a trav\u00e9s de una lectura de respuesta (RQD) con un  tama\u00f1o de bloque (blksize) inv\u00e1lido, que dispara un error de divisi\u00f3n por cero."
    }
  ],
  "id": "CVE-2007-3268",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2007-07-18T23:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26093"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1018401"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24942"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2560"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26093"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1018401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24942"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2560"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "VDB Entry",
        "Vendor Advisory"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-369"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-9Q64-VQCR-HW99

Vulnerability from github – Published: 2022-05-01 18:11 – Updated: 2024-02-02 03:30

Details

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2007-3268"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-369"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-18T23:30:00Z",
    "severity": "MODERATE"
  },
  "details": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.",
  "id": "GHSA-9q64-vqcr-hw99",
  "modified": "2024-02-02T03:30:31Z",
  "published": "2022-05-01T18:11:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2007-3268"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
    },
    {
      "type": "WEB",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26093"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018401"
    },
    {
      "type": "WEB",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24942"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2560"
    },
    {
      "type": "WEB",
      "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2007-3268

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2007-3268

Aliases

CVE-2007-3268

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2007-3268",
    "description": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.",
    "id": "GSD-2007-3268"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2007-3268"
      ],
      "details": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error.",
      "id": "GSD-2007-3268",
      "modified": "2023-12-13T01:21:42.005545Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2007-3268",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM",
            "refsource": "CONFIRM",
            "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
          },
          {
            "name": "ADV-2007-2560",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2560"
          },
          {
            "name": "26093",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26093"
          },
          {
            "name": "24942",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24942"
          },
          {
            "name": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347",
            "refsource": "CONFIRM",
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
          },
          {
            "name": "20070717 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability",
            "refsource": "IDEFENSE",
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
          },
          {
            "name": "1018401",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018401"
          },
          {
            "name": "tivoli-rembo-dos(35468)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:ibm:tivoli_provisioning_manager_os_deployment:5.1.0.2:*:*:*:*:*:*:*",
                    "matchCriteriaId": "71256B8E-D2BE-4AED-9CC3-F62ADAF71AE0",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "The TFTP implementation in IBM Tivoli Provisioning Manager for OS Deployment 5.1 before Fix Pack 3 allows remote attackers to cause a denial of service (rembo.exe crash and multiple service outage) via a read (RRQ) request with an invalid blksize (blocksize), which triggers a divide-by-zero error."
          },
          {
            "lang": "es",
            "value": "La implementaci\u00f3n TFTP en IBM Tivoli Provisioning Manager para OS Deployment 5.1 anterior a Fix Pack 3 permite a atacantes remotos provocar denegaci\u00f3n de servicio (caida de rembo.exe y apag\u00f3n de m\u00faltiples servicios) a trav\u00e9s de una lectura de respuesta (RQD) con un  tama\u00f1o de bloque (blksize) inv\u00e1lido, que dispara un error de divisi\u00f3n por cero."
          }
        ],
        "id": "CVE-2007-3268",
        "lastModified": "2024-02-02T03:03:40.700",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "MEDIUM",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.0,
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
                "version": "2.0"
              },
              "exploitabilityScore": 10.0,
              "impactScore": 2.9,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 3.6,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2007-07-18T23:30:00.000",
        "references": [
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=560"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/26093"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://securitytracker.com/id?1018401"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Patch"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg24016347"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/24942"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Broken Link"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2560"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "Patch"
            ],
            "url": "http://www3.software.ibm.com/ibmdl/pub/software/tivoli_support/patches/patches_5.1.0/5.1.0-TIV-TPMOSD-FP0003/5.1.0-TIV-TPMOSD-FP0003.README.HTM"
          },
          {
            "source": "cve@mitre.org",
            "tags": [
              "VDB Entry",
              "Vendor Advisory"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35468"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-369"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2007-3268 (GCVE-0-2007-3268)

CERTA-2007-AVI-320

Description

Solution

CERTA-2007-AVI-320

Description

Solution

FKIE_CVE-2007-3268

GHSA-9Q64-VQCR-HW99

GSD-2007-3268

Tags

Sightings

Nomenclature