cbcvebase.

Ibm Tivoli Management Framework vulnerabilities

6 known vulnerabilities affecting ibm/tivoli_management_framework.

Total CVEs
6
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH2MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2011-1220P2CRITICALCVSS 9.0PoCv3.7.1v4.1+2 more2011-06-02
CVE-2011-1220 [CRITICAL] CWE-119 CVE-2011-1220: Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
nvd
CVE-2011-2330P3CRITICALCVSS 9.0v3.7.1v4.1+2 more2011-06-02
CVE-2011-2330 [CRITICAL] CVE-2011-2330: Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified " Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 has an unspecified "built-in account" that is "trivially" accessed, which makes it easier for remote attackers to send requests to restricted pages via a session on TCP port 9495, a different vulnerability than CVE-2011-1220.
nvd
CVE-2002-1012P4HIGHCVSS 7.5v3.6v3.6.1+2 more2002-10-04
CVE-2002-1012 [HIGH] CVE-2002-1012: Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
nvd
CVE-2002-1011P4HIGHCVSS 7.5v3.6v3.6.1+2 more2002-10-04
CVE-2002-1011 [HIGH] CVE-2002-1011: Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, be Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
nvd
CVE-2000-1239P4CRITICALCVSS 9.0v3.7.12000-12-31
CVE-2000-1239 [CRITICAL] CVE-2000-1239: The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3 The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
nvd
CVE-2005-2170P4MEDIUMCVSS 5.0v4.1.12005-07-11
CVE-2005-2170 [MEDIUM] CVE-2005-2170: The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to caus The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connection without sending any data.
nvd
Ibm Tivoli Management Framework vulnerabilities | cvebase