Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for tivoli_management_framework by ibm

    CVE-2011-2330 (GCVE-0-2011-2330)

    Vulnerability from nvd – Published: 2011-06-02 20:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:32.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8268",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8268"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
              },
              {
                "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
              },
              {
                "name": "tivoli-framework-endpoint-code-exec(67858)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified \"built-in account\" that is \"trivially\" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "8268",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8268"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
            },
            {
              "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
            },
            {
              "name": "tivoli-framework-endpoint-code-exec(67858)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2330",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified \"built-in account\" that is \"trivially\" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8268",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8268"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146",
                  "refsource": "MISC",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
                },
                {
                  "name": "http://zerodayinitiative.com/advisories/ZDI-11-169/",
                  "refsource": "MISC",
                  "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
                },
                {
                  "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
                },
                {
                  "name": "tivoli-framework-endpoint-code-exec(67858)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2330",
        "datePublished": "2011-06-02T20:00:00.000Z",
        "dateReserved": "2011-06-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:32.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1220 (GCVE-0-2011-1220)

    Vulnerability from nvd – Published: 2011-06-02 20:00 – Updated: 2024-08-06 22:21
    VLAI
    Summary
    Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/44628 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/8268 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1025581 vdb-entryx_refsource_SECTRACK
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.ibm.com/support/docview.wss?uid=swg1IZ90238 vendor-advisoryx_refsource_AIXAPAR
    http://zerodayinitiative.com/advisories/ZDI-11-169/ x_refsource_MISC
    http://www.securityfocus.com/archive/1/518199/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2011-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:21:33.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tivoli-endpoint-lcfd-bo(67631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
              },
              {
                "name": "44628",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44628"
              },
              {
                "name": "8268",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8268"
              },
              {
                "name": "1025581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1025581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
              },
              {
                "name": "IZ90238",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
              },
              {
                "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tivoli-endpoint-lcfd-bo(67631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
            },
            {
              "name": "44628",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44628"
            },
            {
              "name": "8268",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8268"
            },
            {
              "name": "1025581",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1025581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
            },
            {
              "name": "IZ90238",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
            },
            {
              "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-1220",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tivoli-endpoint-lcfd-bo(67631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
                },
                {
                  "name": "44628",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44628"
                },
                {
                  "name": "8268",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8268"
                },
                {
                  "name": "1025581",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1025581"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
                },
                {
                  "name": "IZ90238",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
                },
                {
                  "name": "http://zerodayinitiative.com/advisories/ZDI-11-169/",
                  "refsource": "MISC",
                  "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
                },
                {
                  "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-1220",
        "datePublished": "2011-06-02T20:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:21:33.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2170 (GCVE-0-2005-2170)

    Vulnerability from nvd – Published: 2005-07-11 04:00 – Updated: 2024-08-07 22:15
    VLAI
    Summary
    The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/15953 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/14194 vdb-entryx_refsource_BID
    http://www-1.ibm.com/support/entdocview.wss?uid=s… x_refsource_CONFIRM
    http://securitytracker.com/id?1014424 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2005/1018 vdb-entryx_refsource_VUPEN
    http://www.corsaire.com/advisories/c041127-001.txt x_refsource_MISC
    Date Public
    2005-07-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:15:37.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15953",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15953"
              },
              {
                "name": "14194",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14194"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
              },
              {
                "name": "1014424",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014424"
              },
              {
                "name": "ADV-2005-1018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/1018"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.corsaire.com/advisories/c041127-001.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-01-17T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15953",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15953"
            },
            {
              "name": "14194",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14194"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
            },
            {
              "name": "1014424",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014424"
            },
            {
              "name": "ADV-2005-1018",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/1018"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.corsaire.com/advisories/c041127-001.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2170",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15953",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15953"
                },
                {
                  "name": "14194",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14194"
                },
                {
                  "name": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
                },
                {
                  "name": "1014424",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014424"
                },
                {
                  "name": "ADV-2005-1018",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/1018"
                },
                {
                  "name": "http://www.corsaire.com/advisories/c041127-001.txt",
                  "refsource": "MISC",
                  "url": "http://www.corsaire.com/advisories/c041127-001.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2170",
        "datePublished": "2005-07-11T04:00:00.000Z",
        "dateReserved": "2005-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:15:37.636Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1012 (GCVE-0-2002-1012)

    Vulnerability from nvd – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.430Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5233"
              },
              {
                "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/282283"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
              },
              {
                "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
              },
              {
                "name": "tivoli-tmr-managednode-bo(9556)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9556.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-09-10T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5233",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5233"
            },
            {
              "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/282283"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
            },
            {
              "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
            },
            {
              "name": "tivoli-tmr-managednode-bo(9556)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9556.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1012",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5233",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5233"
                },
                {
                  "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/282283"
                },
                {
                  "name": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html",
                  "refsource": "MISC",
                  "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
                },
                {
                  "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
                },
                {
                  "name": "tivoli-tmr-managednode-bo(9556)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9556.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1012",
        "datePublished": "2002-08-31T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1011 (GCVE-0-2002-1011)

    Vulnerability from nvd – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.476Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5235",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5235"
              },
              {
                "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
              },
              {
                "name": "tivoli-tmr-endpoint-bo(9555)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9555.php"
              },
              {
                "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/282292"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-09-10T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5235",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5235"
            },
            {
              "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
            },
            {
              "name": "tivoli-tmr-endpoint-bo(9555)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9555.php"
            },
            {
              "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/282292"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1011",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5235",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5235"
                },
                {
                  "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
                },
                {
                  "name": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html",
                  "refsource": "MISC",
                  "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
                },
                {
                  "name": "tivoli-tmr-endpoint-bo(9555)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9555.php"
                },
                {
                  "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/282292"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1011",
        "datePublished": "2002-08-31T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.476Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-1239 (GCVE-0-2000-1239)

    Vulnerability from nvd – Published: 2006-03-15 17:00 – Updated: 2024-08-08 05:45
    VLAI
    Summary
    The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:45:37.524Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tivoli-lcf-file-read(3927)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
              },
              {
                "name": "17085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17085"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tivoli-lcf-file-read(3927)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
            },
            {
              "name": "17085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17085"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-1239",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tivoli-lcf-file-read(3927)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
                },
                {
                  "name": "17085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17085"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-1239",
        "datePublished": "2006-03-15T17:00:00.000Z",
        "dateReserved": "2006-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:45:37.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-1220 (GCVE-0-2011-1220)

    Vulnerability from cvelistv5 – Published: 2011-06-02 20:00 – Updated: 2024-08-06 22:21
    VLAI
    Summary
    Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://secunia.com/advisories/44628 third-party-advisoryx_refsource_SECUNIA
    http://securityreason.com/securityalert/8268 third-party-advisoryx_refsource_SREASON
    http://securitytracker.com/id?1025581 vdb-entryx_refsource_SECTRACK
    http://www-01.ibm.com/support/docview.wss?uid=swg… x_refsource_CONFIRM
    http://www.ibm.com/support/docview.wss?uid=swg1IZ90238 vendor-advisoryx_refsource_AIXAPAR
    http://zerodayinitiative.com/advisories/ZDI-11-169/ x_refsource_MISC
    http://www.securityfocus.com/archive/1/518199/100… mailing-listx_refsource_BUGTRAQ
    Date Public
    2011-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T22:21:33.988Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tivoli-endpoint-lcfd-bo(67631)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
              },
              {
                "name": "44628",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/44628"
              },
              {
                "name": "8268",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8268"
              },
              {
                "name": "1025581",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1025581"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
              },
              {
                "name": "IZ90238",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_AIXAPAR",
                  "x_transferred"
                ],
                "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
              },
              {
                "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tivoli-endpoint-lcfd-bo(67631)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
            },
            {
              "name": "44628",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/44628"
            },
            {
              "name": "8268",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8268"
            },
            {
              "name": "1025581",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1025581"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
            },
            {
              "name": "IZ90238",
              "tags": [
                "vendor-advisory",
                "x_refsource_AIXAPAR"
              ],
              "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
            },
            {
              "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-1220",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tivoli-endpoint-lcfd-bo(67631)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67631"
                },
                {
                  "name": "44628",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/44628"
                },
                {
                  "name": "8268",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8268"
                },
                {
                  "name": "1025581",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1025581"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146",
                  "refsource": "CONFIRM",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
                },
                {
                  "name": "IZ90238",
                  "refsource": "AIXAPAR",
                  "url": "http://www.ibm.com/support/docview.wss?uid=swg1IZ90238"
                },
                {
                  "name": "http://zerodayinitiative.com/advisories/ZDI-11-169/",
                  "refsource": "MISC",
                  "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
                },
                {
                  "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-1220",
        "datePublished": "2011-06-02T20:00:00.000Z",
        "dateReserved": "2011-03-03T00:00:00.000Z",
        "dateUpdated": "2024-08-06T22:21:33.988Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-2330 (GCVE-0-2011-2330)

    Vulnerability from cvelistv5 – Published: 2011-06-02 20:00 – Updated: 2024-08-06 23:00
    VLAI
    Summary
    Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2011-05-31 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T23:00:32.958Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "8268",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/8268"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
              },
              {
                "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
              },
              {
                "name": "tivoli-framework-endpoint-code-exec(67858)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-05-31T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified \"built-in account\" that is \"trivially\" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-09T18:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "8268",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/8268"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
            },
            {
              "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
            },
            {
              "name": "tivoli-framework-endpoint-code-exec(67858)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2011-2330",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified \"built-in account\" that is \"trivially\" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "8268",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/8268"
                },
                {
                  "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146",
                  "refsource": "MISC",
                  "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21499146"
                },
                {
                  "name": "http://zerodayinitiative.com/advisories/ZDI-11-169/",
                  "refsource": "MISC",
                  "url": "http://zerodayinitiative.com/advisories/ZDI-11-169/"
                },
                {
                  "name": "20110531 ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/518199/100/0/threaded"
                },
                {
                  "name": "tivoli-framework-endpoint-code-exec(67858)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/67858"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2011-2330",
        "datePublished": "2011-06-02T20:00:00.000Z",
        "dateReserved": "2011-06-02T00:00:00.000Z",
        "dateUpdated": "2024-08-06T23:00:32.958Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-1239 (GCVE-0-2000-1239)

    Vulnerability from cvelistv5 – Published: 2006-03-15 17:00 – Updated: 2024-08-08 05:45
    VLAI
    Summary
    The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-02-01 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:45:37.524Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "tivoli-lcf-file-read(3927)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
              },
              {
                "name": "17085",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/17085"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-02-01T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-19T15:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "tivoli-lcf-file-read(3927)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
            },
            {
              "name": "17085",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/17085"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-1239",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "tivoli-lcf-file-read(3927)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3927"
                },
                {
                  "name": "17085",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/17085"
                },
                {
                  "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21082896"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-1239",
        "datePublished": "2006-03-15T17:00:00.000Z",
        "dateReserved": "2006-03-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:45:37.524Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2170 (GCVE-0-2005-2170)

    Vulnerability from cvelistv5 – Published: 2005-07-11 04:00 – Updated: 2024-08-07 22:15
    VLAI
    Summary
    The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/15953 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/14194 vdb-entryx_refsource_BID
    http://www-1.ibm.com/support/entdocview.wss?uid=s… x_refsource_CONFIRM
    http://securitytracker.com/id?1014424 vdb-entryx_refsource_SECTRACK
    http://www.vupen.com/english/advisories/2005/1018 vdb-entryx_refsource_VUPEN
    http://www.corsaire.com/advisories/c041127-001.txt x_refsource_MISC
    Date Public
    2005-07-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:15:37.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "15953",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/15953"
              },
              {
                "name": "14194",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/14194"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
              },
              {
                "name": "1014424",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014424"
              },
              {
                "name": "ADV-2005-1018",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2005/1018"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.corsaire.com/advisories/c041127-001.txt"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2005-07-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2006-01-17T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "15953",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/15953"
            },
            {
              "name": "14194",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/14194"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
            },
            {
              "name": "1014424",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014424"
            },
            {
              "name": "ADV-2005-1018",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2005/1018"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.corsaire.com/advisories/c041127-001.txt"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2170",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "15953",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/15953"
                },
                {
                  "name": "14194",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/14194"
                },
                {
                  "name": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334",
                  "refsource": "CONFIRM",
                  "url": "http://www-1.ibm.com/support/entdocview.wss?uid=swg21210334"
                },
                {
                  "name": "1014424",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014424"
                },
                {
                  "name": "ADV-2005-1018",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2005/1018"
                },
                {
                  "name": "http://www.corsaire.com/advisories/c041127-001.txt",
                  "refsource": "MISC",
                  "url": "http://www.corsaire.com/advisories/c041127-001.txt"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2170",
        "datePublished": "2005-07-11T04:00:00.000Z",
        "dateReserved": "2005-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T22:15:37.636Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1012 (GCVE-0-2002-1012)

    Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.430Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5233",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5233"
              },
              {
                "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/282283"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
              },
              {
                "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
              },
              {
                "name": "tivoli-tmr-managednode-bo(9556)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9556.php"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-09-10T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5233",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5233"
            },
            {
              "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/282283"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
            },
            {
              "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
            },
            {
              "name": "tivoli-tmr-managednode-bo(9556)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9556.php"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1012",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5233",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5233"
                },
                {
                  "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/282283"
                },
                {
                  "name": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html",
                  "refsource": "MISC",
                  "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
                },
                {
                  "name": "20020715 Tivoli TMF ManagedNode Buffer Overflow",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0024.html"
                },
                {
                  "name": "tivoli-tmr-managednode-bo(9556)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9556.php"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1012",
        "datePublished": "2002-08-31T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.430Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2002-1011 (GCVE-0-2002-1011)

    Vulnerability from cvelistv5 – Published: 2002-08-31 04:00 – Updated: 2024-08-08 03:12
    VLAI
    Summary
    Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2002-07-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T03:12:16.476Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "5235",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/5235"
              },
              {
                "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_VULNWATCH",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
              },
              {
                "name": "tivoli-tmr-endpoint-bo(9555)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "http://www.iss.net/security_center/static/9555.php"
              },
              {
                "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://online.securityfocus.com/archive/1/282292"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2002-07-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2002-09-10T09:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "5235",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/5235"
            },
            {
              "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_VULNWATCH"
              ],
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
            },
            {
              "name": "tivoli-tmr-endpoint-bo(9555)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "http://www.iss.net/security_center/static/9555.php"
            },
            {
              "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://online.securityfocus.com/archive/1/282292"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2002-1011",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "5235",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/5235"
                },
                {
                  "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                  "refsource": "VULNWATCH",
                  "url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0023.html"
                },
                {
                  "name": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html",
                  "refsource": "MISC",
                  "url": "http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html"
                },
                {
                  "name": "tivoli-tmr-endpoint-bo(9555)",
                  "refsource": "XF",
                  "url": "http://www.iss.net/security_center/static/9555.php"
                },
                {
                  "name": "20020715 Tivoli TMF Endpoint Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://online.securityfocus.com/archive/1/282292"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2002-1011",
        "datePublished": "2002-08-31T04:00:00.000Z",
        "dateReserved": "2002-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-08T03:12:16.476Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }