CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2009-1522
https://notcve.org/view.php?id=CVE-2009-1522
05 May 2009 — The IBM Tivoli Storage Manager (TSM) client 5.5.0.0 through 5.5.1.17 on AIX and Windows, when SSL is used, allows remote attackers to conduct unspecified man-in-the-middle attacks and read arbitrary files via unknown vectors. El cliente IBM Tivoli Storage Manager (TSM) desde v5.5.0.0 hasta v5.5.1.17 en AIX y Windows, cuando se utiliza SSL, lo que permite atacantes remotos realizar ataques de man-in-the-middle y leer ficheros de forma arbitraria a través de vectores desconocidos. • http://osvdb.org/54235 •
CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0CVE-2009-1178
https://notcve.org/view.php?id=CVE-2009-1178
31 Mar 2009 — Unspecified vulnerability in the server in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.2 and 6.x before 6.1 has unknown impact and attack vectors related to the "admin command line." Vulnerabilidad no especificada en el servidor en IBM Tivoli Storage Manager (TSM) 5.3.x versiones anteriores a v5.3.2 y 6.x versiones anteriores a v6.1 tiene un impacto desconocido y vectores de ataque relacionados a la "línea de comandos del administrador". • http://secunia.com/advisories/34498 •
CVSS: 7.2EPSS: 0%CPEs: 11EXPL: 0CVE-2003-1570
https://notcve.org/view.php?id=CVE-2003-1570
31 Mar 2009 — The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure." El servidor en IBM Tivoli Storage Manager (TSM) v5.1.x, v5.2.x anteriores a v5.2.1.2, y v6.x anteriores a v6.1, no requiere credenciales para ver la consola del servidor en algunas circu... • http://secunia.com/advisories/34498 • CWE-287: Improper Authentication •
CVSS: 7.5EPSS: 1%CPEs: 18EXPL: 0CVE-2004-2762
https://notcve.org/view.php?id=CVE-2004-2762
31 Mar 2009 — The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1. El servidor en IBM Tivoli Storage Manager (TSM) 4.2.x en MVS, 5.1.9.x versiones anteriores a v5.1.9.1, 5.1.x versiones ant... • http://secunia.com/advisories/34498 •
CVSS: 10.0EPSS: 37%CPEs: 21EXPL: 0CVE-2008-4563
https://notcve.org/view.php?id=CVE-2008-4563
11 Mar 2009 — Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value. Un desbordamiento del búfer en la región heap de la memoria en la biblioteca adsmdll.dll versión 5.3.7.7296, como es usada por el demonio (dsmsvc.exe) en el servidor de respaldo en Tivoli Storage Ma... • http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0192.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 7EXPL: 0CVE-2009-0869
https://notcve.org/view.php?id=CVE-2009-0869
10 Mar 2009 — Buffer overflow in the client in IBM Tivoli Storage Manager (TSM) HSM 5.3.2.0 through 5.3.5.0, 5.4.0.0 through 5.4.2.5, and 5.5.0.0 through 5.5.1.4 on Windows allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. Desbordamiento de búfer en el cliente en IBM Tivoli Storage Manager (TSM) HSM desde v5.3.2.0 hasta v5.3.5.0, desde v5.4.0.0 hasta v5.4.2.5, v5.5.0.0 hasta v5.5.1.4 en Windows permite a atacantes remotos producir una dene... • http://secunia.com/advisories/34189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 33%CPEs: 6EXPL: 0CVE-2008-4801 – IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4801
30 Oct 2008 — Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the scheduler in the Backup-Archive client 5.1.0.0 through 5.1.8.1, 5.2.0.0 through 5.2.5.2, 5.3.0.0 through 5.3.6.1, 5.4.0.0 through 5.4.2.2, and 5.5.0.0 through 5.5.0.91 in IBM Tivoli Storage Manager (TSM); and the Backup-Archive client in TSM Express; allows remote attackers to execute arbitrary code by sending a large amount of crafted data to a TCP port. Desbordamiento de búfer... • http://secunia.com/advisories/32465 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 30%CPEs: 1EXPL: 0CVE-2008-0247 – IBM Tivoli Storage Manager Express Backup Server Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0247
12 Jan 2008 — Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value. Un desbordamiento de búfer en la región heap de la memoria en el servicio Express Backup Server (archivo dsmsvc.exe) en IBM Tivoli Storage Manager (TSM) Express versiones 5.3 anteriores a 5.3.7.3, permite a atacantes remotos ejecutar código arbitrario por medio de un paquete con un... • http://secunia.com/advisories/28440 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4348
https://notcve.org/view.php?id=CVE-2007-4348
30 Oct 2007 — Cross-site scripting (XSS) vulnerability in the CAD service in IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 and 5.4.1.2 for Windows allows remote attackers to inject arbitrary web script or HTML via HTTP requests to port 1581, which generate log entries in a dsmerror.log file that is accessible through a certain web interface. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el servicio CAD de IBM Tivoli Storage Manager (TSM) Client 5.3.5.3 y 5.4.1.2 para Windows permite a atacantes r... • http://secunia.com/advisories/27013 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 88%CPEs: 8EXPL: 2CVE-2007-4880 – IBM Tivoli Storage Manager Express CAD Service Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-4880
24 Sep 2007 — Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905. Desbordamiento de búfer en el Demonio Aceptador de Clientes (Client Acceptor Daemon o CAD), dsmcad.exe, en determinados clientes IBM Tivoli Storage Manager (TSM) 5.1 anterior a 5.1.8.1, 5.2 anterior a 5.2.5.2, 5.3 anterior ... • https://www.exploit-db.com/exploits/16764 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •