CVE-2015-4934 – IBM Tivoli Storage Manager FastBack Server Opcode 8192 Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4934
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4935. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4931, CVE-2015-4932, CVE-2015-4933 y CVE-2015-4935. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 8192. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow when handling SymbolOperation debug dispatching. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76109 http://www.zerodayinitiative.com/advisories/ZDI-15-376 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-4932 – IBM Tivoli Storage Manager FastBack Server Opcode 1365 Files Restore Agents Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4932
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4931, CVE-2015-4933, CVE-2015-4934 y CVE-2015-4935. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1365. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow when handling a Files Restore Agents list. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76106 http://www.zerodayinitiative.com/advisories/ZDI-15-373 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-4935 – IBM Tivoli Storage Manager FastBack Server Opcode 4755 Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4935
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4934. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4931, CVE-2015-4932, CVE-2015-4933 y CVE-2015-4934. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 4755. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76110 http://www.zerodayinitiative.com/advisories/ZDI-15-372 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-4933 – IBM Tivoli Storage Manager FastBack Server Opcode 1365 Volumes Restore Agents Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4933
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4934, and CVE-2015-4935. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4931, CVE-2015-4932, CVE-2015-4934 y CVE-2015-4935. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1365. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow when handling a Volume Restore Agents list. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76111 http://www.zerodayinitiative.com/advisories/ZDI-15-374 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2015-4931 – IBM Tivoli Storage Manager FastBack Server Opcode 4115 Stack Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-4931
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4932, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935. Desbordamiento del buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 en versiones anteriores a 6.1.12.1, permite a atacantes remotos ejecutar código arbitrario a través de un paquete manipulado, una vulnerabilidad diferente a CVE-2015-4932, CVE-2015-4933, CVE-2015-4934 y CVE-2015-4935. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 4115. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow when handling a version description string. • http://www-01.ibm.com/support/docview.wss?uid=swg21961928 http://www.securityfocus.com/bid/76107 http://www.zerodayinitiative.com/advisories/ZDI-15-375 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •