Four buffer overflows in IBM's Tivoli Storage Manager
TippingPoint is reporting four buffer overflows in IBM's Tivoli Storage Manager data backup solution. Attackers can exploit them to gain control of a system without prior authentication. All four bugs are in the processing of network communication for the Storage Manager service on TCP port 1500 and can be triggered by specially prepared requests. Each of the buffer overflows allows attackers to inject and execute code. The bugs affect Tivoli Storage Manager prior to version 5.2.9 as well as prior to version 5.3.4.
IBM has confirmed the bugs, but its advisory speaks only of potential system crashes. An update eliminates the buffer overflows.
- IBM Tivoli Storage Manager Multiple Buffer Overflow Vulnerabilities, bug advisory from TippingPoint
- TSM Server Abend with Invalid Requests, bug report from IBM