SAINT CorporationSAINT:9E8AAEB1E00FAF1A78BE292AE8B4D1F5IBM Tivoli Storage Manager Client CAD Service Buffer Overflow
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.5%
Added: 11/20/2009
CVE: CVE-2009-3853
OSVDB: 59632
Background
IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on port 1582/TCP.
Problem
The vulnerability is caused by an input validation error in the CAD service. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet containing a long client computer name via TCP.
Resolution
Upgrade to the latest version.
References
<http://secunia.com/secunia_research/2008-51/>
Limitations
Exploit works on IBM Tivoli Storage Manager Express Client 5.3.6.6.
The affected Tivoli Storage Manager Express Client must be successfully configured and connected to a Tivoli Storage Manager Server. Note that it may take one or two minutes for the client to connect to the server.
Platforms
Windows
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
99.5%