CVSS: 10.0EPSS: 8%CPEs: 10EXPL: 0CVE-2010-3757
https://notcve.org/view.php?id=CVE-2010-3757
05 Oct 2010 — Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via format string specifiers located after a | (pipe) character in a string. NOTE: this might overlap CVE-2010-3059. Vulnerabilidad de formato de cadena en la función _Eventlog en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 30%CPEs: 10EXPL: 0CVE-2010-3758
https://notcve.org/view.php?id=CVE-2010-3758
05 Oct 2010 — Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScrip... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 8%CPEs: 10EXPL: 0CVE-2010-3759
https://notcve.org/view.php?id=CVE-2010-3759
05 Oct 2010 — FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP packet field, which allows remote attackers to execute arbitrary code via multiple requests. NOTE: this might overlap CVE-2010-3058. FastBackMount.exe en el servicio de montaje de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 escribe un valor a una posición de memoria indica... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2010-3760
https://notcve.org/view.php?id=CVE-2010-3760
05 Oct 2010 — FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within TCP packet data. NOTE: this might overlap CVE-2010-3061. FastBackMount.exe en el servicio de montaje de IBM Tivoli Storage Manager (TSM) Fastback v5... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 9%CPEs: 10EXPL: 0CVE-2010-3761
https://notcve.org/view.php?id=CVE-2010-3761
05 Oct 2010 — Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-700. NOTE: this might overlap CVE-2010-3058 or CVE-2010-3059. Una vulnerabilidad no especificada en IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 hasta v5.5.6.0 y v6.1.0.0 hasta v6.1.0.1 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Este problema tambié... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 2%CPEs: 9EXPL: 0CVE-2010-3058
https://notcve.org/view.php?id=CVE-2010-3058
20 Aug 2010 — The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors. El servicio Mount en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, establece un puerto UDP abierto, lo que podría permitir a atacantes remotos sobreescribir direcciones de memoria y eje... • http://secunia.com/advisories/41044 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3059
https://notcve.org/view.php?id=CVE-2010-3059
20 Aug 2010 — Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to read and modify data, and possibly have other impact, via an unspecified command. Desbordamiento de búfer en el protocolo de implementación message en el servidor en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, permite a atacantes remotos leer y modificar datos, y posiblemente tenga otro impacto, a tra... • http://secunia.com/advisories/41044 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3060
https://notcve.org/view.php?id=CVE-2010-3060
20 Aug 2010 — Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors. Vulnerabilidad sin especificar en el protocolo de implementación message en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, permite a atacantes remotos provocar ua denegación de servicio (agotamiento de demonio) a través de vectores ... • http://secunia.com/advisories/41044 •
CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2010-3061
https://notcve.org/view.php?id=CVE-2010-3061
20 Aug 2010 — Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors. Vulnerabilidad sin especificar en el protocolo de implementación message en el servicio Mount en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, permite a atacantes remotos provocar una d... • http://secunia.com/advisories/41044 •