CVE-2011-1222
https://notcve.org/view.php?id=CVE-2011-1222
Buffer overflow in the Journal Based Backup (JBB) feature in the backup-archive client in IBM Tivoli Storage Manager (TSM) before 5.4.3.4, 5.5.x before 5.5.3, 6.x before 6.1.4, and 6.2.x before 6.2.2 on Windows and AIX allows local users to gain privileges via unspecified vectors. Desbordamiento de búfer en característica de copia de seguridad diaria(JBB o Journal Based Backup) en el archivo de copia de seguridad de IBM Tivoli Storage Manager (TSM), antes de v5.4.3.4, en v5.5.x antes de v5.5.3, en v6.x antes de v6.1.4, y en v6.2.x antes de v6.2.2, en Windows y AIX permite a usuarios locales conseguir privilegios a través de vectores no especificados. • http://secunia.com/advisories/45098 http://securitytracker.com/id?1025741 http://www.ibm.com/support/docview.wss?uid=swg1IC77049 http://www.ibm.com/support/docview.wss?uid=swg21457604 http://www.securityfocus.com/bid/48519 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3854
https://notcve.org/view.php?id=CVE-2009-3854
Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en traditional client scheduler en the client en IBM Tivoli Storage Manager (TSM) v5.3 anteriores a v5.3.6.7 y v5.4 anteriores a v5.4.2 • http://secunia.com/advisories/32534 http://securitytracker.com/id?1023136 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.vupen.com/english/advisories/2009/3132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3855
https://notcve.org/view.php?id=CVE-2009-3855
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. Múltiples vulnerabilidades sin especificar en (1) UNIX y (2) clientes Linux backup-archive, y (3)el cliente API de OS/400, en IBM Tivoli Storage Manager (TSM) v5.3 anteriores a v5.3.6.6, v5.4 anteriores a v5.4.2, y v5.5 anteriores a v5.5.1, • http://secunia.com/advisories/32534 http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.vupen.com/english/advisories/2009/3132 •
CVE-2009-3853 – IBM Tivoli Storage Manager Express CAD Service - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3853
Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet. Un desbordamiento de búfer en la región stack de la memoria en el planificador del demonio de aceptación de cliente (CAD) en el cliente en Tivoli Storage Manager (TSM) versiones 5.3 anteriores a 5.3.6.7, versiones 5.4 anteriores a 5.4.3, versiones 5.5 anteriores a 5.5.2.2, y versiones 6.1 anteriores a 6.1.0.2, y TSM Express versiones 5.3.3.0 hasta 5.3.6.6, de IBM, permite a los atacantes remotos ejecutar código arbitrario por medio de datos especialmente diseñados en un paquete TCP. • https://www.exploit-db.com/exploits/16421 http://secunia.com/advisories/32534 http://secunia.com/secunia_research/2008-51 http://securitytracker.com/id?1023136 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.securityfocus.com/archive/1/507654/100/0/threaded http://www.vupen.com/english/advisories/2009/3132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2003-1570
https://notcve.org/view.php?id=CVE-2003-1570
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure." El servidor en IBM Tivoli Storage Manager (TSM) v5.1.x, v5.2.x anteriores a v5.2.1.2, y v6.x anteriores a v6.1, no requiere credenciales para ver la consola del servidor en algunas circunstancias, lo que permite a administradores autenticados en remoto monitorizar las operaciones del servidor estableciendo una sesión en modo consola, relativo a una "exposición de sesión". • http://secunia.com/advisories/34498 http://securitytracker.com/id?1021947 http://www-01.ibm.com/support/docview.wss?uid=swg21375360 http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554 http://www.securityfocus.com/bid/34285 http://www.vupen.com/english/advisories/2009/0881 https://exchange.xforce.ibmcloud.com/vulnerabilities/49536 • CWE-287: Improper Authentication •