CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2015-1963
https://notcve.org/view.php?id=CVE-2015-1963
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1964, y CVE-2015-1965. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75455 http://www.securitytracker.com/id/1032773 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2015-1964
https://notcve.org/view.php?id=CVE-2015-1964
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, y CVE-2015-1965. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75457 http://www.securitytracker.com/id/1032773 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 11EXPL: 0CVE-2015-1965
https://notcve.org/view.php?id=CVE-2015-1965
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, and CVE-2015-1964. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, y CVE-2015-1964. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75458 http://www.securitytracker.com/id/1032773 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 14%CPEs: 11EXPL: 0CVE-2015-1942 – IBM Tivoli Storage Manager FastBack Server Opcode 1332 Directory Traversal Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1942
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to write to arbitrary files, and subsequently execute these files, via a crafted TCP packet to an unspecified port. El servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos escribir en ficheros arbitrarios, y como consecuencia ejecutar estos ficheros, a través de un paquete TCP manipulado en un puerto no especificado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1332. By sending a crafted packet on TCP port 11460, an attacker can force the process to write arbitrary data to an existing file on the system. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75450 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-269 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1923 – IBM Tivoli Storage Manager FastBack Server Opcode 1331 Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1923
Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1331. By sending a crafted packet on TCP port 11460, an attacker is able to inject arbitrary commands via a system call. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75445 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-264 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •