IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a request over the network, starts the Remote Client Agent service (
**dsmagent.exe**) which listens on port 1584/TCP.
A buffer overflow vulnerability in the Remote Client Agent service allows remote attackers to execute arbitrary commands by sending a dicuGetIdentify Request with a long, specially crafted NodeName parameter.
Apply a security fix.
Exploit works on Tivoli Storage Manager Backup Client 220.127.116.11.
Windows Server 2003