CVE-2010-3058
https://notcve.org/view.php?id=CVE-2010-3058
The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors. El servicio Mount en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, establece un puerto UDP abierto, lo que podría permitir a atacantes remotos sobreescribir direcciones de memoria y ejecutar código de su elección, o provocar una denegación de servicio (cuelgue de aplicación), a trvés de vectores desconocidos. • http://secunia.com/advisories/41044 http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www-01.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/bid/42549 • CWE-399: Resource Management Errors •
CVE-2010-3060
https://notcve.org/view.php?id=CVE-2010-3060
Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors. Vulnerabilidad sin especificar en el protocolo de implementación message en IBM Tivoli Storage Manager (TSM) FastBack v5.x.x anterior a v5.5.7, y v6.1.0.0, permite a atacantes remotos provocar ua denegación de servicio (agotamiento de demonio) a través de vectores desconocidos. • http://secunia.com/advisories/41044 http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883 http://www-01.ibm.com/support/docview.wss?uid=swg21443820 http://www.securityfocus.com/bid/42549 •
CVE-2009-3854
https://notcve.org/view.php?id=CVE-2009-3854
Buffer overflow in the traditional client scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 and 5.4 before 5.4.2 allows remote attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en traditional client scheduler en the client en IBM Tivoli Storage Manager (TSM) v5.3 anteriores a v5.3.6.7 y v5.4 anteriores a v5.4.2 • http://secunia.com/advisories/32534 http://securitytracker.com/id?1023136 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61058 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.vupen.com/english/advisories/2009/3132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3855
https://notcve.org/view.php?id=CVE-2009-3855
Multiple unspecified vulnerabilities in the (1) UNIX and (2) Linux backup-archive clients, and the (3) OS/400 API client, in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.6, 5.4 before 5.4.2, and 5.5 before 5.5.1, when the MAILPROG option is enabled, allow attackers to read, modify, or delete arbitrary files via unknown vectors. Múltiples vulnerabilidades sin especificar en (1) UNIX y (2) clientes Linux backup-archive, y (3)el cliente API de OS/400, en IBM Tivoli Storage Manager (TSM) v5.3 anteriores a v5.3.6.6, v5.4 anteriores a v5.4.2, y v5.5 anteriores a v5.5.1, • http://secunia.com/advisories/32534 http://www-01.ibm.com/support/docview.wss?uid=swg1IC54489 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.vupen.com/english/advisories/2009/3132 •
CVE-2009-3853 – IBM Tivoli Storage Manager Express CAD Service - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-3853
Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet. Un desbordamiento de búfer en la región stack de la memoria en el planificador del demonio de aceptación de cliente (CAD) en el cliente en Tivoli Storage Manager (TSM) versiones 5.3 anteriores a 5.3.6.7, versiones 5.4 anteriores a 5.4.3, versiones 5.5 anteriores a 5.5.2.2, y versiones 6.1 anteriores a 6.1.0.2, y TSM Express versiones 5.3.3.0 hasta 5.3.6.6, de IBM, permite a los atacantes remotos ejecutar código arbitrario por medio de datos especialmente diseñados en un paquete TCP. • https://www.exploit-db.com/exploits/16421 http://secunia.com/advisories/32534 http://secunia.com/secunia_research/2008-51 http://securitytracker.com/id?1023136 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036 http://www-01.ibm.com/support/docview.wss?uid=swg21405562 http://www.securityfocus.com/archive/1/507654/100/0/threaded http://www.vupen.com/english/advisories/2009/3132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •