IBM Tivoli Storage Manager Buffer Overflow Vulns and Patches

Published: 2006-12-05
Last Updated: 2006-12-05 16:28:18 UTC
by Ed Skoudis (Version: 1)
Looks like IBM Tivoli Storage Manager has a few buffer overflow vulnerabilities. Read more about them here, courtesy of TippingPoint.

The money quote:

"These vulnerabilities allow attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager. Authentication is not required to exploit these vulnerabilities.  The specific flaws are similar and exist in the processing of messages by the Tivoli Storage Manager service, bound on TCP port 1500. "

Patches from IBM described here.

Looks like IBM thinks they cannot be exploited, as they say, "This problem relates to an internal buffer overflow in TSM but IBM does not believe it is possible to exploit this buffer overflow for remote code execution, however, this exposure can be used to crash the TSM server."

Either way... if you use Tivoli, you should analyze this carefully.
