Vulnerabilities > IBM > Tivoli Storage Manager Fastback > 6.1.0.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-10-05 | CVE-2010-3759 | Code Injection vulnerability in IBM Tivoli Storage Manager Fastback FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP packet field, which allows remote attackers to execute arbitrary code via multiple requests. | 10.0 |
2010-10-05 | CVE-2010-3758 | Code Injection vulnerability in IBM Tivoli Storage Manager Fastback Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScriptReply) function. | 10.0 |
2010-10-05 | CVE-2010-3757 | OS Command Injection vulnerability in IBM Tivoli Storage Manager Fastback Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. | 10.0 |
2010-10-05 | CVE-2010-3756 | Improper Input Validation vulnerability in IBM Tivoli Storage Manager Fastback The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. | 5.0 |
2010-10-05 | CVE-2010-3755 | Resource Management Errors vulnerability in IBM Tivoli Storage Manager Fastback The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. | 5.0 |
2010-10-05 | CVE-2010-3754 | OS Command Injection vulnerability in IBM Tivoli Storage Manager Fastback The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields to determine the content and length of data copied to memory, which allows remote attackers to execute arbitrary code via a crafted packet. | 10.0 |
2010-08-20 | CVE-2010-3061 | Remote Code Execution and Denial of Service vulnerability in IBM Tivoli Storage Manager FastBack Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors. | 5.0 |
2010-08-20 | CVE-2010-3060 | Remote Code Execution and Denial of Service vulnerability in IBM Tivoli Storage Manager FastBack Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors. | 5.0 |
2010-08-20 | CVE-2010-3059 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM Tivoli Storage Manager Fastback Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to read and modify data, and possibly have other impact, via an unspecified command. | 7.5 |
2010-08-20 | CVE-2010-3058 | Resource Management Errors vulnerability in IBM Tivoli Storage Manager Fastback The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors. | 7.5 |