Lucene search

SAINT CorporationSAINT:CEFE24F5F3AA7059C4617EB6BAC75A8A

HistoryMar 12, 2009 - 12:00 a.m.

Tivoli Storage Manager heap corruption

2009-03-1200:00:00

SAINT Corporation

download.saintcorporation.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.828

Percentile

98.4%

JSON

Added: 03/12/2009
CVE: CVE-2008-4563
BID: 34077

Background

IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations.

Problem

A heap overflow allows remote attackers to execute arbitrary commands.

Resolution

Apply the workaround or solution described in the IBM advisory.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=775>

Limitations

Exploit works on Tivoli Storage Manager Express Server 5.3.7.3 on Windows Server 2003.

Platforms

Windows

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.828

Percentile

98.4%

JSON

Related for SAINT:CEFE24F5F3AA7059C4617EB6BAC75A8A