CVSS: 9.3EPSS: 78%CPEs: 11EXPL: 0CVE-2015-0120 – IBM Tivoli Storage Manager FastBack CRYPTO_S_EncryptBufferToBuffer Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0120
Buffer overflow in the FastBackMount process in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.11.1 has unspecified impact and remote attack vectors. Desbordamiento de buffer en el proceso FastBackMount en IBM Tivoli Storage Manager FastBack 6.1 anterior a 6.1.11.1 tiene un impacto y vectores de ataque remotos sin especificar. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the CRYPTO_S_EncryptBufferToBuffer function. By sending a specially crafted packet on TCP port 30051, an attacker is able to cause a stack buffer overflow. • http://www-01.ibm.com/support/docview.wss?uid=swg21700549 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 82%CPEs: 7EXPL: 0CVE-2015-0119 – IBM Tivoli Storage Manager FastBack Mount CMountDismount::GetVaultDump Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0119
FastBack Mount in IBM Tivoli Storage Manager FastBack 6.1.x before 6.1.11.1 allows remote attackers to execute arbitrary code by connecting to the Mount port. FastBack Mount en IBM Tivoli Storage Manager FastBack 6.1.x anterior a 6.1.11.1 permite a atacantes remotos ejecutar código arbitrario mediante la conexión al puerto Mount. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within FastBackServer.exe which listens by default on TCP port 30051. When handling opcode 0x09 packets, the process blindly copies user supplied data into a stack-based buffer within CMountDismount::GetVaultDump. • http://www-01.ibm.com/support/docview.wss?uid=swg21699645 • CWE-284: Improper Access Control •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2010-3755
https://notcve.org/view.php?id=CVE-2010-3755
The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. NOTE: this might overlap CVE-2010-3060. La función _DAS_ReadBlockReply en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 permite a atacantes remotos provocar una denegación de servicio (Mediante una desreferencia a puntero NULO y caída del demonio) a través del envío de datos en un paquete TCP. NOTA: esto puede superponerse a CVE-2010-3060. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/archive/1/514063/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-187 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 27%CPEs: 10EXPL: 0CVE-2010-3758
https://notcve.org/view.php?id=CVE-2010-3758
Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScriptReply) function. NOTE: this might overlap CVE-2010-3059. Múltiples desbordamientos de búfer basados en pila en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y 6.1.0.0 a v6.1.0.1 permiten a atacantes remotos ejecutar código arbitrario a través de vectores que afectan a (1) la función AGI_SendToLog (también conocida como _SendToLog), los campos (2) group , (3) workgroup, y (4) domain name , a la función USER_S_AddADGroup, (5) la variable user_path a la función FXCLI_checkIndexDBLocation, o (6)a la función _AGI_S_ActivateLTScriptReply (también conocido como ActivateLTScriptReply). NOTA: esto puede superponerse CVE-2010-3059. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/archive/1/514059/100/0/threaded http://www.securityfocus.com/archive/1/514067/100/0/threaded http://www.securityfocus.com/archive/1/514072/100/0/threaded http://www.securityfocus.com/archive/1/514078/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-180 http://zerodayinitiative.com/advisories/ZDI-10-181 http://zerodayinitiativ • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 1%CPEs: 10EXPL: 0CVE-2010-3759
https://notcve.org/view.php?id=CVE-2010-3759
FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP packet field, which allows remote attackers to execute arbitrary code via multiple requests. NOTE: this might overlap CVE-2010-3058. FastBackMount.exe en el servicio de montaje de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 escribe un valor a una posición de memoria indicada por un campo de un paquete UDP, lo que permite a atacantes remotos ejecutar código arbitrario a través de múltiples peticiones. NOTA: esto puede superponerse con CVE-2010-3058. • http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/archive/1/514068/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-179 • CWE-94: Improper Control of Generation of Code ('Code Injection') •