CVSS: 6.6EPSS: 0%CPEs: 33EXPL: 0CVE-2010-4605
https://notcve.org/view.php?id=CVE-2010-4605
29 Dec 2010 — Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows local users to overwrite arbitrary files via unknown vectors. Vulnerabilidad no especificada en el cliente de copia de seguridad de archivos en IBM Tivoli Storage Manager (TSM) v5.3.x anteriores a v5.3.6.10, v5.4.3.4 anterior a v5.4.x, v5.5.x anteriores a v5.5.3, v6.1.x anteriores a v6.1... • http://secunia.com/advisories/42639 •
CVSS: 9.8EPSS: 4%CPEs: 5EXPL: 0CVE-2010-4606
https://notcve.org/view.php?id=CVE-2010-4606
29 Dec 2010 — Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM) component in IBM Tivoli Storage Manager (TSM) 5.4.x before 5.4.3.4, 5.5.x before 5.5.3, 6.1.x before 6.1.4, and 6.2.x before 6.2.2 on Unix and Linux allows remote attackers to execute arbitrary commands via unknown vectors, related to a "script execution vulnerability." Vulnerabilidad sin especificar en el cliente Space Management en el Hierarchical Storage Management (HSM) component en IBM Tivoli Storage M... • http://secunia.com/advisories/42639 •
CVSS: 10.0EPSS: 7%CPEs: 10EXPL: 0CVE-2010-3754
https://notcve.org/view.php?id=CVE-2010-3754
05 Oct 2010 — The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields to determine the content and length of data copied to memory, which allows remote attackers to execute arbitrary code via a crafted packet. NOTE: this might overlap CVE-2010-3059. La función FXCLI_OraBR_Exec_Command en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2010-3755
https://notcve.org/view.php?id=CVE-2010-3755
05 Oct 2010 — The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. NOTE: this might overlap CVE-2010-3060. La función _DAS_ReadBlockReply en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 permite a atacantes remotos ... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2010-3756
https://notcve.org/view.php?id=CVE-2010-3756
05 Oct 2010 — The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060. La función _CalcHashValueWithLength en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 8%CPEs: 10EXPL: 0CVE-2010-3757
https://notcve.org/view.php?id=CVE-2010-3757
05 Oct 2010 — Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. NOTE: this might overlap CVE-2010-3059. Vulnerabilidad de formato de cadena en la función _Eventlog en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 30%CPEs: 10EXPL: 0CVE-2010-3758
https://notcve.org/view.php?id=CVE-2010-3758
05 Oct 2010 — Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScrip... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 8%CPEs: 10EXPL: 0CVE-2010-3759
https://notcve.org/view.php?id=CVE-2010-3759
05 Oct 2010 — FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP packet field, which allows remote attackers to execute arbitrary code via multiple requests. NOTE: this might overlap CVE-2010-3058. FastBackMount.exe en el servicio de montaje de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 escribe un valor a una posición de memoria indica... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2010-3760
https://notcve.org/view.php?id=CVE-2010-3760
05 Oct 2010 — FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within TCP packet data. NOTE: this might overlap CVE-2010-3061. FastBackMount.exe en el servicio de montaje de IBM Tivoli Storage Manager (TSM) Fastback v5... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 9%CPEs: 10EXPL: 0CVE-2010-3761
https://notcve.org/view.php?id=CVE-2010-3761
05 Oct 2010 — Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-700. NOTE: this might overlap CVE-2010-3058 or CVE-2010-3059. Una vulnerabilidad no especificada en IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 hasta v5.5.6.0 y v6.1.0.0 hasta v6.1.0.1 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Este problema tambié... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •