CVSS: 9.8EPSS: 86%CPEs: 35EXPL: 0CVE-2015-8519
https://notcve.org/view.php?id=CVE-2015-8519
Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8520, CVE-2015-8521, and CVE-2015-8522. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 5.5.x y 6.x en versiones anteriores a 6.1.12.2 permite a atacantes remotos ejecutar código arbitrario a través de un comando manipulado, una vulnerabilidad diferente a CVE-2015-8520, CVE-2015-8521 y CVE-2015-8522. • http://www-01.ibm.com/support/docview.wss?uid=swg21975536 http://www.securityfocus.com/bid/84161 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2016-0216
https://notcve.org/view.php?id=CVE-2016-0216
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0213. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0212 y CVE-2016-0213. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0212
https://notcve.org/view.php?id=CVE-2016-0212
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0213 and CVE-2016-0216. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0213 y CVE-2016-0216. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0213
https://notcve.org/view.php?id=CVE-2016-0213
Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0216. Desbordamiento de buffer basado en pila en IBM Tivoli Storage Manager FastBack 5.5 y 6.1.x hasta la versión 6.1.11.1 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-0212 y CVE-2016-0216. • http://www.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_multiple_security_vulnerabilities_in_ibm_tivoli_storage_manager_fastback_cve_2016_0212_cve_2016_0213_cve_2016_0216 http://www.ibm.com/support/docview.wss?uid=swg21975358 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 3.7EPSS: 0%CPEs: 10EXPL: 0CVE-2015-7408
https://notcve.org/view.php?id=CVE-2015-7408
The server in IBM Spectrum Protect (aka Tivoli Storage Manager) 5.5 and 6.x before 6.3.5.1 and 7.x before 7.1.4 does not properly restrict use of the ASNODENAME option, which allows remote attackers to read or write to backup data by leveraging proxy authority. El servidor en IBM Spectrum Protect (también conocido como Tivoli Storage Manager) 5.5 y 6.x en versiones anteriores a 6.3.5.1 y 7.x en versiones anteriores a 7.1.4 no restringe adecuadamente el uso de la opción ASNODENAME, lo que permite a atacantes remotos leer o escribir en datos de copia de seguridad mediante el aprovechamiento de la autoridad proxy. • http://www-01.ibm.com/support/docview.wss?uid=swg1IT13609 http://www-01.ibm.com/support/docview.wss?uid=swg21975957 • CWE-264: Permissions, Privileges, and Access Controls •