Page 7 of 46 results (0.007 seconds)

CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1897. Desbordamiento de buffer basado en pila en el proceso FastBackMount en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.11.1 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1897. • http://www-01.ibm.com/support/docview.wss?uid=swg21700539 http://www.securityfocus.com/bid/74036 http://www.securitytracker.com/id/1032102 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1091 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0

Stack-based buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 allows local users to gain privileges via unspecified vectors, a different vulnerability than CVE-2015-1898. Desbordamiento de buffer basado en pila en el proceso FastBackMount en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.11.1 permite a usuarios locales ganar privilegios a través de vectores no especificados, una vulnerabilidad diferente a CVE-2015-1898. • http://www-01.ibm.com/support/docview.wss?uid=swg21700057 http://www.securitytracker.com/id/1032102 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1092 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 78%CPEs: 11EXPL: 0

Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors. Desbordamiento de buffer en el proceso FastBackMount en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.11.1 tiene un impacto y vectores de ataque remotos sin especificar. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CRYPTO_S_EncryptBufferToBuffer function. By sending a specially crafted packet on TCP port 30051, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21700549 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 82%CPEs: 7EXPL: 0

FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers to execute arbitrary code by connecting to the Mount port. FastBack Mount en IBM Tivoli Storage Manager FastBack 6.1.x anterior a 6.1.11.1 permite a atacantes remotos ejecutar código arbitrario mediante la conexión al puerto Mount. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe which listens by default on TCP port 30051. When handling opcode 0x09 packets, the process blindly copies user supplied data into a stack-based buffer within CMountDismount::GetVaultDump. • http://www-01.ibm.com/support/docview.wss?uid=swg21699645 • CWE-284: Improper Access Control •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. NOTE: this might overlap CVE-2010-3060. La función _DAS_ReadBlockReply en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 permite a atacantes remotos provocar una denegación de servicio (Mediante una desreferencia a puntero NULO y caída del demonio) a través del envío de datos en un paquete TCP. NOTA: esto puede superponerse a CVE-2010-3060. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/archive/1/514063/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-187 • CWE-399: Resource Management Errors •