PT-2010-5048 · Ibm · Ibm Tivoli Storage Manager Fastback

Sebastian Apelt

Published

2010-10-05

Updated

2018-10-10

CVE-2010-3759

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM Tivoli Storage Manager (TSM) FastBack versions 5.5.0.0 through 5.5.6.0 IBM Tivoli Storage Manager (TSM) FastBack versions 6.1.0.0 through 6.1.0.1

Description The issue allows remote attackers to execute arbitrary code via multiple requests, by writing a certain value to a memory location specified by a UDP packet field in the FastBackMount.exe of the Mount service.

Recommendations For versions 5.5.0.0 through 5.5.6.0, update to a version outside of this range to resolve the issue. For versions 6.1.0.0 through 6.1.0.1, update to a version outside of this range to resolve the issue.

Fix

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2010-3759

Affected Products

Ibm Tivoli Storage Manager Fastback

PT-2010-5048 · Ibm · Ibm Tivoli Storage Manager Fastback

CVE-2010-3759

Weakness Enumeration

Related Identifiers

Affected Products

References · 5