IBM Corp.'s Tivoli Provisioning Manager for OS Deployment is "a network boot server that facilitates central management of networked workstations. It implements Preboot Execution Environment (PXE), a Web-based administration service, DHCP, TFTP, and several additional protocols". Remote exploitation of a buffer overflow vulnerability in the web server component of IBM Corp.'s Tivoli Provisioning Manager for OS Deployment allows attackers to cause a denial of service condition or potentially execute arbitrary code with SYSTEM privileges.

http://www.securiteam.com/windowsntf...PP0N1FN5Y.html