Lucene search
Lola MontezZDI-15-268HistoryJun 30, 2015 - 12:00 a.m.
IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure Vulnerability
2015-06-3000:00:00
Lola Montez
www.zerodayinitiative.com
17
0.96 High
EPSS
Percentile
99.5%
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1329. By sending a crafted packet on TCP port 11460, an attacker can force the process to read an arbitrary file and return the contents. An attacker can use this to disclose information under the context of SYSTEM.
Related
prion
prion
Code injection
2015-06-30 15:59:00
cvelist
cvelist
CVE-2015-1941
2015-06-30 15:00:00
nvd
nvd
CVE-2015-1941
2015-06-30 15:59:07
checkpoint_advisories
checkpoint_advisories
cve
cve
CVE-2015-1941
2015-06-30 15:59:07
nessus
nessus
IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12 Multiple Vulnerabilities
2015-07-07 00:00:00
ibm
ibm
openvas
openvas
IBM Tivoli Storage Manager FastBack Multiple Vulnerabilities (Jul 2015)
2015-07-03 00:00:00