Jun 17, 2018 - 3:16 p.m.

Security Bulletin: Multiple Security Vulnerabilities in IBM Tivoli Storage Manager FastBack (CVE-2016-0212, CVE-2016-0213, CVE-2016-0216)

2018-06-17 15:16:16
www.ibm.com
EPSS: 0.005 Low
Percentile: 76.7%

Summary

IBM Tivoli Storage Manager FastBack is affected by multiple stack-based buffer overflow security vulnerabilities. These vulnerabilities may cause the server to crash.

Vulnerability Details

CVEID: CVE-2016-0212
DESCRIPTION: IBM Tivoli Storage Manager FastBack is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a crafted packet an attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges or cause the server to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109663 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-0213
DESCRIPTION: IBM Tivoli Storage Manager FastBack is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a crafted packet an attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges or cause the server to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109664 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID: CVE-2016-0216
DESCRIPTION: IBM Tivoli Storage Manager FastBack is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. By sending a crafted packet an attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges or cause the server to crash.
CVSS Base Score: 9.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/109672 for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

Affected Products and Versions

IBM Tivoli Storage Manager FastBack 6.1.0.0 - 6.1.11.1.

IBM Tivoli Storage Manager FastBack 5.5.

Remediation/Fixes

| FastBack Release | First Fixing VRMF Level | Platform | APAR | Link to fix |
|---|---|---|---|---|
| 6.1 | 6.1.12 | Windows | None | <http://www-933.ibm.com/support/fixcentral/swg/selectFix?product=ibm%2FTivoli%2FIBM+Tivoli+Storage+Manager+FastBack> |

For FastBack 5.5, IBM recommends upgrading to a fixed, supported FastBack 6.1.12.
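
As an added example (not part of IBM's bulletin), the Python below classifies installed FastBack versions against the affected range and first fixing level stated above. The host names, sample versions, function names and status labels are constructed for illustration; versions the bulletin does not mention are reported as "unlisted" rather than assumed safe.

```python
# Added example: ranges are from the bulletin; hosts and versions are constructed.
from itertools import zip_longest

AFFECTED_61 = ((6, 1, 0, 0), (6, 1, 11, 1))  # inclusive affected range
FIXED_61 = (6, 1, 12)                        # first fixing VRMF level

def parse_vrmf(text):
    """Parse a dotted V.R.M.F string into a tuple of ints."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(p) for p in parts)

def cmp_vrmf(a, b):
    """Compare two versions, padding the shorter with zeros (6.1.12 == 6.1.12.0)."""
    for x, y in zip_longest(a, b, fillvalue=0):
        if x != y:
            return -1 if x < y else 1
    return 0

def classify(version_text):
    """Return 'affected', 'fixed', 'unlisted' or 'unknown' for one version."""
    try:
        v = parse_vrmf(version_text)
    except ValueError:
        return "unknown"            # unparseable: needs manual inspection
    if v[:2] == (5, 5):
        return "affected"           # all of 5.5; bulletin says move to 6.1.12
    lo, hi = AFFECTED_61
    if cmp_vrmf(v, lo) >= 0 and cmp_vrmf(v, hi) <= 0:
        return "affected"
    if v[:2] == (6, 1) and cmp_vrmf(v, FIXED_61) >= 0:
        return "fixed"
    return "unlisted"               # bulletin makes no statement; review by hand

def triage(inventory):
    """Map host -> status for a {host: version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    sample = {"bkp-01": "6.1.11.1", "bkp-02": "6.1.12", "bkp-03": "5.5.3.0",
              "bkp-04": "6.1.11.5", "bkp-05": "n/a"}   # constructed inventory
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```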

Workarounds and Mitigations

None
