CVE-2010-3760

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (TSM) FastBack versions 5.5.0.0 through 5.5.6.0 IBM Tivoli Storage Manager (TSM) FastBack versions 6.1.0.0 through 6.1.0.1

Description The issue arises from improper handling of memory allocation failure by FastBackMount.exe in the Mount service, allowing remote attackers to cause a denial of service. This can be achieved by specifying a large size value within TCP packet data, leading to a NULL pointer dereference and daemon crash, as well as recovery failure.

Recommendations For versions 5.5.0.0 through 5.5.6.0, update to a version outside of this range to resolve the issue. For versions 6.1.0.0 through 6.1.0.1, update to a version outside of this range to resolve the issue. As a temporary workaround, consider restricting access to the Mount service to minimize the risk of exploitation.