COMMAND

IBM Tivoli Management Framework buffer overflow (EndPoint & ManagedNode)

SYSTEMS AFFECTED

IBM Tivoli Management Framework versions 3.6.x through 3.7.1

PROBLEM

Mark Rowe [mark.rowe@pentest-limited.com] and Jeff Fay [jeff@sdii.com] in pentest [http://pentest-limited.com/] advisories [ptl-2002-05], [ptl-2002-04] :

A remote buffer overflow condition exists in the webserver (default port 9495) running on TMR Endpoints. An overly long GET request results in a buffer overflow, with registers being overwritten with user supplied data. This results in the TMR Endpoint Service crashing (LCFD process) and allows arbitrary code to be executed as a privileged user (SYSTEM on NT or root on Unix). The loss of the lcfd process terminates all endpoint activities.

-Also-

A remote buffer overflow condition exists in the webserver (default port 94 but redirects to another port) running on TMR ManagedNodes. An overly long GET request results in a buffer overflow, with registers being overwritten with user supplied data. This results in the TMR ManagedNode HTTPd daemon crashing (Spider process) and allows arbitrary code to be executed as a privileged user (SYSTEM on NT or root on Unix). The loss of the spider process will prevent all http requests to that ManagedNode, but does not impact all other Framework or application functions.

SOLUTION

Vendor has released a security alert with details of patches and workarounds. See :

http://www.tivoli.com/secure/support/documents/security/mgt-fwk-http-vul.html
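The bug class described under PROBLEM (an overly long GET request overrunning a fixed buffer) is avoided by measuring the request target before copying it. The following is an added example, not Tivoli code and not from the advisory; `parse_get_line`, `MAX_URI` and the 256-byte limit are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

#define MAX_URI 256  /* assumed limit for this example; the advisory gives no size */

enum parse_status { PARSE_OK = 0, PARSE_BAD_REQUEST = 400, PARSE_URI_TOO_LONG = 414 };

/* Unsafe pattern behind this class of bug: copying the request target into a
 * fixed stack buffer with no length check, e.g.
 *     char uri[MAX_URI]; sscanf(line, "GET %s", uri);
 * A long enough target then writes past uri[] and over saved registers. */

/* Hardened form: find the end of the target, reject it if it will not fit,
 * and only then copy. Works on a length-delimited buffer, so the input does
 * not need to be NUL-terminated. */
enum parse_status parse_get_line(const char *line, size_t line_len,
                                 char *uri, size_t uri_cap)
{
    static const char method[] = "GET ";
    const size_t mlen = sizeof(method) - 1;

    if (line == NULL || uri == NULL || uri_cap == 0)
        return PARSE_BAD_REQUEST;
    uri[0] = '\0';                       /* output is always a valid string */
    if (line_len < mlen || memcmp(line, method, mlen) != 0)
        return PARSE_BAD_REQUEST;

    /* The target ends at the next space, CR, LF or NUL, or at end of input. */
    const char *start = line + mlen;
    size_t remaining = line_len - mlen;
    size_t n = 0;
    while (n < remaining && start[n] != ' ' && start[n] != '\r' &&
           start[n] != '\n' && start[n] != '\0')
        n++;

    if (n == 0)
        return PARSE_BAD_REQUEST;
    if (n >= uri_cap)                    /* no room for target plus terminator */
        return PARSE_URI_TOO_LONG;

    memcpy(uri, start, n);
    uri[n] = '\0';
    return PARSE_OK;
}
```

The status values mirror HTTP 400 and 414 so a caller can map them directly to a response instead of processing the oversized request.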