Page 5 of 43 results (0.005 seconds)

CVSS: 10.0EPSS: 89%CPEs: 11EXPL: 0

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1332. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75449 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-266 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 89%CPEs: 11EXPL: 0

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FXCLI_OraBR_Exec_Command function. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75451 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-263 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 89%CPEs: 11EXPL: 0

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JOB_S_GetJobByUserFriendlyString function. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75452 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986. El servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos ejecutar comandos arbitrarios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1986. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of opcode 1331. By sending a crafted packet on TCP port 11460, an attacker is able to inject arbitrary commands via a system call. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75444 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-272 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 7.8EPSS: 93%CPEs: 11EXPL: 0

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to read arbitrary files via a crafted TCP packet to an unspecified port. El servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos leer ficheros arbitrarios a través de un paquete TCP manipulado en un puerto no especificado. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1329. By sending a crafted packet on TCP port 11460, an attacker can force the process to read an arbitrary file and return the contents. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75446 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-268 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •