EUVD-2010-3736

Malware in sbrugna...

EUVD-2010-3733

Malware in sbrugna...

IBM Tivoli Storage Manager FastBack Mount CMountDismount::GetVaultDump Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe which listens by default on TCP port 30051. Whe...

CVE-2010-3756

The CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service daemon crash b...

Null pointer dereference

The DASReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager TSM FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via data in a TCP packet. NOTE: this mig...

CVE-2010-3758

CVE-2010-3758 is linked to IBM Tivoli Storage Manager (TSM) FastBack Server, affecting FastBack 5.5.0.0–5.5.6.0 and 6.1.0.0–6.1.0.1. The vulnerability comprises multiple stack-based buffer overflows in FastBackServer.exe that enable remote code execution via crafted inputs in network-facing paths...

CVE-2010-3757

CVE-2010-3757 describes a format-string vulnerability in the _Eventlog function of FastBackServer.exe (Server) affecting IBM Tivoli Storage Manager (TSM) FastBack v5.5.0.0–5.5.6.0 and v6.1.0.0–6.1.0.1. The flaw allows remote attackers to execute arbitrary code via format string specifiers appeari...

ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability

ZDI-10-186: IBM TSM FastBack CalcHashValueWithLength Remote Denial of Service Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-186 September 29, 2010 -- CVSS: 5, AV:N/AC:L/Au:N/C:N/I:N/A:P -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager FastBack --...

ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities

ZDI-10-182: IBM TSM FastBack Server FXCLIOraBRExecCommand Remote Code Execution Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-10-182 September 29, 2010 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: IBM -- Affected Products: IBM Tivoli Storage Manager FastBack --...

IBM TSM FastBack Server FXCLI_checkIndexDBLocation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli FastBack Server. Authentication is not required to exploit this vulnerability. The flaw exists within FastBackServer.exe which listens by default on TCP port 11460. The issue is due to a...