The IBM Tivoli Storage Manager FastBack mount process is vulnerable to a stack-based buffer overflow. A local or remote attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the application to crash. On November 21, 2016 this vulnerability was incorrectly reported as CVE-2016-6091. The correct CVE IDs for these vulnerabilities are CVE-2015-1897 and CVE-2015-0119.
Please consult the security bulletins IBM Tivoli Storage Manager FastBack Stack-Based Buffer Overflow Elevation of Privilege Vulnerability (CVE-2015-1897)_ and IBM Tivoli Storage Manager FastBack Mount Remote Code Execution Vulnerability (CVE-2015-0119) _for vulnerability details and information about fixes.
IBM Tivoli Storage Manager FastBack Mount 6.1.11 and earlier.
Please consult the security bulletins IBM Tivoli Storage Manager FastBack Stack-Based Buffer Overflow Elevation of Privilege Vulnerability (CVE-2015-1897)_ and IBM Tivoli Storage Manager FastBack Mount Remote Code Execution Vulnerability (CVE-2015-0119) _for information on applying the appropriate fixes.
None