CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2016-0216
https://notcve.org/view.php?id=CVE-2016-0216
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0213. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0212 y CVE-2016-0213. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0212
https://notcve.org/view.php?id=CVE-2016-0212
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0213 and CVE-2016-0216. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0213 y CVE-2016-0216. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0213
https://notcve.org/view.php?id=CVE-2016-0213
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0216. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0212 y CVE-2016-0216. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.0EPSS: 0%CPEs: 15EXPL: 0CVE-2015-4950
https://notcve.org/view.php?id=CVE-2015-4950
The mailbox-restore feature in IBM Tivoli Storage Manager for Mail: Data Protection for Microsoft Exchange Server 6.1 before 6.1.3.6, 6.3 before 6.3.1.3, 6.4 before 6.4.1.4, and 7.1 before 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager for Microsoft Exchange Server 2.1, 2.2, 3.1 before 3.1.1.5, 3.2 before 3.2.1.7, and 4.1 before 4.1.1; and Tivoli Storage Manager FastBack for Microsoft Exchange 6.1 before 6.1.5.4 does not ensure that the correct mailbox is selected, which allows remote authenticated users to obtain sensitive information via a duplicate alias name. Vulnerabilidad en la aplicación del restablecimiento del buzón de correo en IBM Tivoli Storage Manager for Mail: protección de datos para Microsoft Exchange Server 6.1 en versiones anteriores a 6.1.3.6, 6.3 en versiones anteriores a 6.3.1.3, 6.4 en versiones anteriores a 6.4.1.4 y 7.1 en versiones anteriores a 7.1.0.2; Tivoli Storage FlashCopy Manager: FlashCopy Manager para Microsoft Exchange Server 2.1, 2.2, 3.1 en versiones anteriores a 3.1.1.5, 3.2 en versiones anteriores a 3.2.1.7 y 4.1 en versiones anteriores a 4.1.1; y Tivoli Storage Manager FastBack para Microsoft Exchange 6.1 en versiones anteriores a 6.1.5.4 no asegura que sea seleccionado el buzón de correo correcto, lo que permite a usuarios remotos autenticados obtener información sensible a través de apodo duplicado. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT04251 http://www-01.ibm.com/support/docview.wss?uid=swg1IT04252 http://www-01.ibm.com/support/docview.wss?uid=swg21963629 http://www.securitytracker.com/id/1033652 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 48%CPEs: 11EXPL: 0CVE-2015-4931 – IBM Tivoli Storage Manager FastBack Server Opcode 4115 Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4931
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4932, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4932, CVE-2015-4933, CVE-2015-4934 y CVE-2015-4935. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 4115. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow when handling a version description string. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76107 http://www.zerodayinitiative.com/advisories/ZDI-15-375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •