10

CVE-2006-5855

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmTivoli Storage Manager Version5.2.7
IbmTivoli Storage Manager Version5.2.8
IbmTivoli Storage Manager Version5.3.0
IbmTivoli Storage Manager Version5.3.1
IbmTivoli Storage Manager Version5.3.2
IbmTivoli Storage Manager Version5.3.3
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 26.5% 0.978
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/23177
Vendor Advisory
http://securityreason.com/securityalert/1979
http://securitytracker.com/id?1017333
http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg21250261
Patch
Vendor Advisory
http://www.kb.cert.org/vuls/id/350625
US Government Resource
http://www.kb.cert.org/vuls/id/478753
US Government Resource
http://www.kb.cert.org/vuls/id/887249
US Government Resource
http://www.securityfocus.com/archive/1/453544/100/0/threaded
http://www.securityfocus.com/bid/21440
Patch
Vendor Advisory
http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
Vendor Advisory
http://www.vupen.com/english/advisories/2006/4856
https://exchange.xforce.ibmcloud.com/vulnerabilities/30699
https://exchange.xforce.ibmcloud.com/vulnerabilities/30701
https://exchange.xforce.ibmcloud.com/vulnerabilities/30702