SAINT CorporationSAINT:E47B0663196003CD5A0D3656849C4270Tivoli Storage Manager CAD Host header buffer overflow
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.7%
Added: 10/26/2007
CVE: CVE-2007-4880
BID: 25743
OSVDB: 38161
Background
IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on port 1581/TCP.
Problem
A buffer overflow vulnerability in Tivoli Storage Manager Express allows remote attackers to execute arbitrary commands by sending a long, specially crafted HTTP Host header to the Client Acceptor Daemon.
Resolution
Apply the appropriate patch from IBM.
References
<http://www.zerodayinitiative.com/advisories/ZDI-07-054.html>
Limitations
Exploit works on IBM Tivoli Storage Manager Express Client 5.3.
Platforms
Windows 2000
Windows XP
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.967 High
EPSS
Percentile
99.7%