CVE-2006-5855 - Buffer Overflow vulnerability in IBM Tivoli Storage Manager
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | COMPLETE |
Integrity impact | COMPLETE |
Availability impact | COMPLETE |
Summary
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 6 |
Nessus
NASL family | Gain a shell remotely |
NASL id | IBM_TSM_MULTIPLE.NASL |
description | The remote host is running a version of IBM Tivoli Storage Manager that is vulnerable to multiple buffer overflows. Using a specially crafted packet, an attacker could exploit these flaws to execute arbitrary code on the host or to disable this service. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 25662 |
published | 2007-07-03 |
reporter | This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/25662 |
title | IBM Tivoli Storage Manager Multiple Remote Overflows |
References
- http://secunia.com/advisories/23177
- http://securityreason.com/securityalert/1979
- http://securitytracker.com/id?1017333
- http://www.kb.cert.org/vuls/id/350625
- http://www.kb.cert.org/vuls/id/478753
- http://www.kb.cert.org/vuls/id/887249
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.securityfocus.com/bid/21440
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
- http://www.vupen.com/english/advisories/2006/4856
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30701
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30702