A buffer overflow condition exists in the IBM Tivoli Storage manager server. If successfully exploited, this vulnerability would allow an attacker to cause a denial-of-service condition or possibly execute arbitrary code.
The IBM Tivoli Storage Manager (TSM) is a remote backup software package that runs on clients and servers. TSM clients must register and authenticate to servers before performing backup functions.
From TippingPoint Advisory TSRT-06-14:
A remote, unauthenticated attacker may be able to cause the TSM server to crash, thereby creating a denial-of-service condition. It may also be possible for the attacker to execute arbitrary code in the context of the TSM server.
An update provided by IBM may address this issue.
This report was based on information from Tipping Point Advisory TSRT-06-14
|Date First Published:||2007-02-05|
|Date Last Updated:||2007-02-09 15:49 UTC|