CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1923 – IBM Tivoli Storage Manager FastBack Server Opcode 1331 Command Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1923
Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors. Desbordamiento de buffer en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1331. By sending a crafted packet on TCP port 11460, an attacker is able to inject arbitrary commands via a system call. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75445 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-264 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1924 – IBM Tivoli Storage Manager FastBack Server Opcode 1329 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1924
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1329. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75447 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-267 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1925 – IBM Tivoli Storage Manager FastBack Server Opcode 1332 Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1925
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of opcode 1332. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75449 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-266 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1929 – IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1929
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FXCLI_OraBR_Exec_Command function. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75451 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-263 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 93%CPEs: 11EXPL: 0CVE-2015-1930 – IBM Tivoli Storage Manager FastBack Server JOB_S_GetJobByUserFriendlyString Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1930
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965. Desbordamiento de buffer basado en pila en el servidor en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.12 permite a atacantes remotos causar una denegación de servicio (caída de demonio) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, y CVE-2015-1965. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the JOB_S_GetJobByUserFriendlyString function. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21959398 http://www.securityfocus.com/bid/75452 http://www.securitytracker.com/id/1032773 http://www.zerodayinitiative.com/advisories/ZDI-15-265 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •