History: Jun 17, 2018 - 3:35 p.m.

Security Bulletin: Buffer Overflow from improperly formatted SELECT command in IBM Tivoli Storage Manager (IBM Spectrum Protect) Server (CVE-2016-8998)

2018-06-17 15:35:22
www.ibm.com
EPSS: 0.001
Percentile: 41.9%

Summary

An improperly formatted SELECT command to an IBM Tivoli Storage Manager (IBM Spectrum Protect) Server can cause a buffer overflow that could allow an attacker to execute arbitrary code on the server.

Vulnerability Details

CVEID: CVE-2016-8998
DESCRIPTION: IBM Tivoli Storage Manager Server could allow an authenticated user with TSM administrator privileges to cause a buffer overflow using a specially crafted SQL query and execute arbitrary code on the server.
CVSS Base Score: 7.2
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/119310 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

This vulnerability affects the following IBM Tivoli Storage Manager (IBM Spectrum Protect) Server levels:

  • 7.1.1.0 through 7.1.7.0

Note that this vulnerability has been fixed in 8.1.0.0.

Remediation/Fixes

| Tivoli Storage Manager Server Release | Fixing VRM Level | Platform | Link to Fix / Fix Availability Target |
|---|---|---|---|
| 7.1 | 7.1.7.100 | AIX, HP-UX, Linux, Solaris, Windows | https://www-945.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Tivoli&product=ibm/Tivoli/Tivoli+Storage+Manager&release=7.1.7.100&platform=All&function=all |

Workarounds and Mitigations

None
