Vulnerabilities > CVE-2010-3058 - Resource Management Errors vulnerability in IBM Tivoli Storage Manager Fastback

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

ibm

CWE-399

NVD

Published: 2010-08-20

Updated: 2010-08-24

Summary

The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors.

Vulnerable Configurations

Part	Description	Count
Application	Ibm IBM Tivoli Storage Manager Fastback 5.5.0 IBM Tivoli Storage Manager Fastback 5.5.1 IBM Tivoli Storage Manager Fastback 5.5.2 IBM Tivoli Storage Manager Fastback 5.5.2.0 IBM Tivoli Storage Manager Fastback 5.5.3.0 IBM Tivoli Storage Manager Fastback 5.5.4.0 IBM Tivoli Storage Manager Fastback 5.5.5.0 IBM Tivoli Storage Manager Fastback 5.5.6.0 IBM Tivoli Storage Manager Fastback 6.1.0.0	9

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Saint

bid	42549
description	IBM Tivoli Storage Manager FastBack Mount Service Code Execution
osvdb	67292
title	tivoli_storage_mgr_fastback_mount_udp
type	remote

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Saint

References