---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Management Framework Endpoint Denial of Service SECUNIA ADVISORY ID: SA15953 VERIFY ADVISORY: http://secunia.com/advisories/15953/ CRITICAL: Less critical IMPACT: DoS WHERE: >From local network SOFTWARE: IBM Tivoli Management Framework 4.x http://secunia.com/product/2866/ DESCRIPTION: NISCC has reported a vulnerability in IBM Tivoli Management Framework Endpoint's "lcfp" process, which potentially can be exploited to cause a DoS (Denial of Service). The vulnerability is caused due to the endpoint waiting for 5 minutes before it can accept any new connections after a connection has been made to the endpoint and then dropped. The "lcfd" process will be unresponsive for 5 minutes. The vulnerability has been reported in version 4.1.1, endpoint version 41015. SOLUTION: Apply the latest LCF Patch (4.1.1-LCF-0020) http://www-1.ibm.com/support/docview.wss?uid=swg24009815 PROVIDED AND/OR DISCOVERED BY: NISCC (National Infrastructure Security Coordination Centre) ORIGINAL ADVISORY: http://www-1.ibm.com/support/docview.wss?uid=swg21210334 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------