CVE-2009-3853

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (TSM) versions 5.3 through 5.3.6.7 IBM Tivoli Storage Manager (TSM) versions 5.4 through 5.4.3 IBM Tivoli Storage Manager (TSM) versions 5.5 through 5.5.2.2 IBM Tivoli Storage Manager (TSM) versions 6.1 through 6.1.0.2 IBM TSM Express versions 5.3.3.0 through 5.3.6.6

Description A stack-based buffer overflow issue exists in the client acceptor daemon (CAD) scheduler, allowing remote attackers to execute arbitrary code via crafted data in a TCP packet.

Recommendations For IBM Tivoli Storage Manager (TSM) versions 5.3 through 5.3.6.7, update to version 5.3.6.7 or later. For IBM Tivoli Storage Manager (TSM) versions 5.4 through 5.4.3, update to version 5.4.3 or later. For IBM Tivoli Storage Manager (TSM) versions 5.5 through 5.5.2.2, update to version 5.5.2.2 or later. For IBM Tivoli Storage Manager (TSM) versions 6.1 through 6.1.0.2, update to version 6.1.0.2 or later. For IBM TSM Express versions 5.3.3.0 through 5.3.6.6, update to a version later than 5.3.6.6.