Lucene search

[email protected]CVE-2010-3760

HistoryOct 03, 2022 - 4:20 p.m.

CVE-2010-3760

2022-10-0316:20:57

CWE-399

[email protected]

web.nvd.nist.gov

cve

ibm

tivoli storage manager

tsm

fastback

denial of service

nvd

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within TCP packet data. NOTE: this might overlap CVE-2010-3061.

Affected configurations

NVD

Node

ibmtivoli_storage_manager_fastbackMatch5.5.0

ibmtivoli_storage_manager_fastbackMatch5.5.1

ibmtivoli_storage_manager_fastbackMatch5.5.2

ibmtivoli_storage_manager_fastbackMatch5.5.2.0

ibmtivoli_storage_manager_fastbackMatch5.5.3.0

ibmtivoli_storage_manager_fastbackMatch5.5.4.0

ibmtivoli_storage_manager_fastbackMatch5.5.5.0

ibmtivoli_storage_manager_fastbackMatch5.5.6.0

ibmtivoli_storage_manager_fastbackMatch6.1.0.0

ibmtivoli_storage_manager_fastbackMatch6.1.0.1

CPENameOperatorVersion
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.1
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.2
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.2.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.3.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.4.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.5.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq5.5.6.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq6.1.0.0
ibm:tivoli_storage_manager_fastbackibm tivoli storage manager fastbackeq6.1.0.1

CPE	Name	Operator	Version
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.1
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.2
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.2.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.3.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.4.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.5.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	5.5.6.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	6.1.0.0
ibm:tivoli_storage_manager_fastback	ibm tivoli storage manager fastback	eq	6.1.0.1

References

www-01.ibm.com/support/docview.wss?uid=swg1IC69883

www.ibm.com/support/docview.wss?uid=swg21443820

zerodayinitiative.com/advisories/ZDI-10-188/

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.6 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

74.1%

JSON

Related for CVE-2010-3760

prion2 cvelist2 nvd2 cve1