Vulnerabilities > IBM > Tivoli Storage Manager Fastback > 5.5.2.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-06 | CVE-2015-0119 | Improper Access Control vulnerability in IBM Tivoli Storage Manager Fastback FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers to execute arbitrary code by connecting to the Mount port. | 7.5 |
2010-10-05 | CVE-2010-3761 | Code Injection vulnerability in IBM Tivoli Storage Manager Fastback Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-700. | 10.0 |
2010-10-05 | CVE-2010-3760 | Resource Management Errors vulnerability in IBM Tivoli Storage Manager Fastback FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within TCP packet data. | 7.8 |
2010-10-05 | CVE-2010-3759 | Code Injection vulnerability in IBM Tivoli Storage Manager Fastback FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP packet field, which allows remote attackers to execute arbitrary code via multiple requests. | 10.0 |
2010-10-05 | CVE-2010-3758 | Code Injection vulnerability in IBM Tivoli Storage Manager Fastback Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScriptReply) function. | 10.0 |
2010-10-05 | CVE-2010-3757 | OS Command Injection vulnerability in IBM Tivoli Storage Manager Fastback Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. | 10.0 |
2010-10-05 | CVE-2010-3756 | Improper Input Validation vulnerability in IBM Tivoli Storage Manager Fastback The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. | 5.0 |
2010-10-05 | CVE-2010-3755 | Resource Management Errors vulnerability in IBM Tivoli Storage Manager Fastback The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. | 5.0 |
2010-10-05 | CVE-2010-3754 | OS Command Injection vulnerability in IBM Tivoli Storage Manager Fastback The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields to determine the content and length of data copied to memory, which allows remote attackers to execute arbitrary code via a crafted packet. | 10.0 |
2010-08-20 | CVE-2010-3061 | Remote Code Execution and Denial of Service vulnerability in IBM Tivoli Storage Manager FastBack Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors. | 5.0 |