Vulnerability Note VU#478753
IBM Tivoli Storage Manager vulnerable to a buffer overflow
A buffer overflow condition exists in the IBM Tivoli Storage manager. If successfully exploited, this vulnerability would allow an attacker to cause a denial-of-service condition or possibly execute arbitrary code.
The IBM Tivoli Storage Manager (TSM) is a remote backup software package that runs on clients and servers. TSM clients must register with servers before performing backup functions. TSM servers can be configured to allow closed or open registration. Per the Tivoli User Guide, in open registration, when a user accesses a server from an unregistered client, the server prompts the user for a node name, password, and contact information before registering the workstation.
A buffer overflow vulnerability exists in the way the TSM server performs this open registration message proccessing. An attacker may be able to send a specially crafted registration message to a vulnerable TSM server that triggers the overflow.
A remote, unauthenticated attacker may be able to cause the TSM server to crash, thereby creating a denial-of-service condition. It may also be possible for the attacker to execute arbitrary code in the context of the TSM server.
Restricting access to port 1500/tcp at the network perimeter may mitigate the effects of this vulnerability. Note that an administrator can change the port that the TSM servers use with the port_address parameter.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|IBM Corporation||Affected||-||08 Dec 2006|
CVSS Metrics (Learn More)
This report was based on information from Tipping Point Advisory TSRT-06-14.
This document was written by Ryan Giobbi.
- CVE IDs: CVE-2006-5855
- Date Public: 04 Dec 2006
- Date First Published: 05 Feb 2007
- Date Last Updated: 09 Feb 2007
- Severity Metric: 0.50
- Document Revision: 41
If you have feedback, comments, or additional information about this vulnerability, please send us email.