SAINT CorporationSAINT:14BF007FCD0469A57C296D46D703B817Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.966 High
EPSS
Percentile
99.5%
Added: 05/11/2009
CVE: CVE-2008-4828
BID: 34803
OSVDB: 54232
Background
IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a request over the network, starts the Remote Client Agent service (**dsmagent.exe**) which listens on port 1584/TCP.
Problem
A buffer overflow vulnerability in the Remote Client Agent service allows remote attackers to execute arbitrary commands by sending a dicuGetIdentify Request with a long, specially crafted NodeName parameter.
Resolution
Apply a security fix.
References
<http://secunia.com/secunia_research/2008-55/>
Limitations
Exploit works on Tivoli Storage Manager Backup Client 5.3.6.2.
Platforms
Windows 2000
Windows Server 2003
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.966 High
EPSS
Percentile
99.5%