CVE-2006-5855
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Múltiples desbordamientos de búfer en IBM Tivoli Storage Manager (TSM) anterior a 5.2.9 y 5.3.x anterior a 5.3.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código de su elección mediante mediante una cadena larga en (1) el campo language al comenzar la sesión que empieza con un byte 0x18, (2) dos parámetros no especificados a la función SmExecuteWdsfSession , y (3) el campo contact en un mensaje de registro abierto.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2006-11-10 CVE Reserved
- 2006-12-06 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/1979 | Third Party Advisory | |
| http://securitytracker.com/id?1017333 | Vdb Entry | |
| http://www.kb.cert.org/vuls/id/350625 | Third Party Advisory |
|
| http://www.kb.cert.org/vuls/id/478753 | Third Party Advisory |
|
| http://www.kb.cert.org/vuls/id/887249 | Third Party Advisory |
|
| http://www.securityfocus.com/archive/1/453544/100/0/threaded | Mailing List | |
| http://www.vupen.com/english/advisories/2006/4856 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30699 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30701 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/30702 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347 | 2018-10-17 | |
| http://www-1.ibm.com/support/docview.wss?uid=swg21250261 | 2018-10-17 | |
| http://www.securityfocus.com/bid/21440 | 2018-10-17 |
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/23177 | 2018-10-17 | |
| http://www.tippingpoint.com/security/advisories/TSRT-06-14.html | 2018-10-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.2.7 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.2.7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.2.8 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.2.8" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.3.0 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.3.0" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.3.1 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.3.1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.3.2 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.3.2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Tivoli Storage Manager Search vendor "Ibm" for product "Tivoli Storage Manager" | 5.3.3 Search vendor "Ibm" for product "Tivoli Storage Manager" and version "5.3.3" | - |
Affected
| ||||||