• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

IBM Tivoli Storage Manager Client Remote Heap Buffer Overflow Vulnerability

The IBM Tivoli Storage Manager Client is prone to a remote heap-based buffer-overflow vulnerability.

Successfully exploiting this issue would allow a remote attacker to corrupt memory and execute arbitrary code in the context of the IBM Tivoli Storage Manager (TSM) Backup-Archive client.

The following versions of TSM are vulnerable:

TSM 5.5 with client levels 5.5.0.0 to 5.5.0.7
TSM 5.4 with client levels 5.4.0.0 to 5.4.2.2
TSM 5.3 with client levels 5.3.0.0 to 5.3.6.1
TSM 5.2 with client levels 5.2.0.0 to 5.2.5.2
TSM 5.1 with client levels 5.1.0.0 to 5.1.8.1
TSM Express all levels