PT-2002-1591 · Ibm · Tivoli Storage Manager Tsm Client Acceptor Service+1

Published

2002-06-11

Updated

2008-09-05

CVE-2002-0541

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Tivoli Storage Manager TSM versions 3.1 through 5.1 Tivoli Storage Manager TSM Client Acceptor Service versions 4.2 and 5.1

Description A buffer overflow issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.

Recommendations For Tivoli Storage Manager TSM versions 3.1 through 5.1, update to a version that includes a fix for this issue. For Tivoli Storage Manager TSM Client Acceptor Service versions 4.2 and 5.1, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting access to ports 1580 and 1581 to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2002-0541

Affected Products

Ibm Tivoli Storage Manager

Tivoli Storage Manager Tsm Client Acceptor Service

PT-2002-1591 · Ibm · Tivoli Storage Manager Tsm Client Acceptor Service+1

CVE-2002-0541

Related Identifiers

Affected Products

References · 8