CVE-2008-4801

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (TSM) versions 5.1.0.0 through 5.1.8.1 IBM Tivoli Storage Manager (TSM) versions 5.2.0.0 through 5.2.5.2 IBM Tivoli Storage Manager (TSM) versions 5.3.0.0 through 5.3.6.1 IBM Tivoli Storage Manager (TSM) versions 5.4.0.0 through 5.4.2.2 IBM Tivoli Storage Manager (TSM) versions 5.5.0.0 through 5.5.0.91 TSM Express Backup-Archive client (affected versions not specified)

Description A heap-based buffer overflow issue exists in the Data Protection for SQL CAD service, allowing remote attackers to execute arbitrary code by sending a large amount of crafted data to a TCP port.

Recommendations For versions 5.1.0.0 through 5.1.8.1, update to a version outside of this range to resolve the issue. For versions 5.2.0.0 through 5.2.5.2, update to a version outside of this range to resolve the issue. For versions 5.3.0.0 through 5.3.6.1, update to a version outside of this range to resolve the issue. For versions 5.4.0.0 through 5.4.2.2, update to a version outside of this range to resolve the issue. For versions 5.5.0.0 through 5.5.0.91, update to a version outside of this range to resolve the issue. For TSM Express Backup-Archive client, at the moment, there is no information about a newer version that contains a fix for this issue.