The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of TSM

computer vulnerability bulletin CVE-2012-2190

IBM GSKit: denial of service via Handshake

Synthesis of the vulnerability

An attacker can inject a malicious packet during the Handshake of a TLS session, in order to stop applications linked to IBM GSKit.
Impacted products: DB2 UDB, Informix Server, Tivoli Directory Server, Tivoli Storage Manager, WebSphere AS Traditional.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 08/10/2012.
Identifiers: 1450666, 1672360, BID-54743, CERTA-2012-AVI-552, CERTA-2013-AVI-159, CVE-2012-2190, IC90385, IC90395, IC90396, IC90397, swg21609030, swg21620711, swg21626749, swg27014463.html, swg27022958, VIGILANCE-VUL-12038.

Description of the vulnerability

The IBM Global Security Kit product implements SSL/TLS for several IBM products.

However, a malicious TLS message received during the Handshake generates an error in GSKit.

An attacker can therefore inject a malicious packet during the Handshake of a TLS session, in order to stop applications linked to IBM GSKit.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2012-2191

IBM GSKit: denial of service via CBC/AEAD

Synthesis of the vulnerability

An attacker can inject a malicious packet in a TLS session, in order to stop applications linked to IBM GSKit.
Impacted products: DB2 UDB, Tivoli Directory Server, Tivoli Storage Manager, WebSphere AS Traditional, WebSphere MQ.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: internet client.
Creation date: 08/10/2012.
Identifiers: 1450666, 1672362, BID-54743, CERTA-2012-AVI-552, CERTA-2013-AVI-159, CVE-2012-2191, IC87061, IC90385, IC90395, IC90396, IC90397, swg21609029, swg21614483, swg21626749, swg27014224, swg27014463.html, swg27022958, VIGILANCE-VUL-12037.

Description of the vulnerability

The IBM Global Security Kit product implements SSL/TLS for several IBM products.

However, a TLS message using the CBC or AEAD (Authenticated Encryption with Associated Data) algorithms generates an error in GSKit.

An attacker can therefore inject a malicious packet in a TLS session, in order to stop applications linked to IBM GSKit.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2011-1222 CVE-2011-1223

IBM Tivoli Storage Manager: three vulnerabilities of the client

Synthesis of the vulnerability

A local attacker can use three vulnerabilities of the IBM Tivoli Storage Manager client, in order to alter a file or to create a denial of service.
Impacted products: Tivoli Storage Manager.
Severity: 2/4.
Consequences: privileged access/rights, data reading, data creation/edition, data deletion, denial of service on service.
Provenance: user shell.
Number of vulnerabilities in this bulletin: 3.
Creation date: 04/07/2011.
Identifiers: 21457604, BID-48519, CVE-2011-1222, CVE-2011-1223, IC74905, IC77049, IC77052, VIGILANCE-VUL-10804.

Description of the vulnerability

Three vulnerabilities were announced in the IBM Tivoli Storage Manager client.

On Windows and AIX, a local attacker can use a buffer overflow of JBB (Journal Based Backup), in order to elevate his privileges. [severity:2/4; CVE-2011-1222, IC77049]

On Windows, a local attacker can use a buffer overflow in the processing of Alternate Data Stream, in order to elevate his privileges. [severity:2/4; CVE-2011-1223, IC77052]

On Windows with a Microsoft EFS encryption, a local attacker can use an Alternate Data Stream, in order to corrupt the backup. [severity:1/4; IC74905]

A local attacker can therefore use three vulnerabilities of the IBM Tivoli Storage Manager client, in order to alter a file or to create a denial of service.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2010-4476

Java JRE: denial of service via a real

Synthesis of the vulnerability

An attacker can use a special double floating point number, in order to create an infinite loop in Java programs.
Impacted products: Debian, Fedora, HPE BAC, HPE NNMi, OpenView, OpenView NNM, Tru64 UNIX, HP-UX, AIX, DB2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JBoss AS OpenSource, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Oracle iPlanet Web Server, Java Oracle, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, SLES.
Severity: 3/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 02/02/2011.
Identifiers: 1468291, BID-46091, c02729756, c02738573, c02746026, c02752210, c02775276, c02826781, c02906075, c03090723, c03316985, CERTA-2002-AVI-271, CERTA-2012-AVI-286, cpuapr2011, CVE-2010-4476, DSA-2161-1, DSA-2161-2, FEDORA-2011-1231, FEDORA-2011-1263, HPSBMU02690, HPSBTU02684, HPSBUX02633, HPSBUX02641, HPSBUX02642, HPSBUX02645, HPSBUX02685, HPSBUX02725, HPSBUX02777, IZ94331, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, PM32175, PM32177, PM32184, PM32192, PM32194, RHSA-2011:0210-01, RHSA-2011:0211-01, RHSA-2011:0212-01, RHSA-2011:0213-01, RHSA-2011:0214-01, RHSA-2011:0282-01, RHSA-2011:0290-01, RHSA-2011:0291-01, RHSA-2011:0292-01, RHSA-2011:0299-01, RHSA-2011:0333-01, RHSA-2011:0334-01, RHSA-2011:0336-01, RHSA-2011:0348-01, RHSA-2011:0349-01, RHSA-2011:0880-01, SSRT100387, SSRT100390, SSRT100412, SSRT100415, SSRT100505, SSRT100569, SSRT100627, SSRT100854, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SR:2011:008, SUSE-SU-2011:0823-1, swg21469266, swg24030066, swg24030067, VIGILANCE-VUL-10321.

Description of the vulnerability

The number 2.2250738585072011e-308 if the "largest subnormal double number" (in base 2 : 0x0fffffffffffff x 2^-1022).

On a x86 processor, the Java JRE uses x87 FPU registers (80 bit), in order to find bit-after-bit the closest real value. This loop stops when the remainder is inferior to the precision. However, with the number 2.225..., this stop condition is never true (80 bit rounded to 64 bit), and an infinite loop occurs.

An attacker can therefore use a special double floating point number, in order to create an infinite loop in Java programs.

The origin of this vulnerability is the same as VIGILANCE-VUL-10257.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2010-4605 CVE-2010-4606

IBM TSM Client: three vulnerabilities

Synthesis of the vulnerability

A local or remote attacker can use three vulnerabilities of the Unix/Linux IBM Tivoli Storage Manager Client, in order to read, alter or delete files.
Impacted products: Tivoli Storage Manager.
Severity: 3/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: intranet server.
Number of vulnerabilities in this bulletin: 3.
Creation date: 15/12/2010.
Revision date: 16/12/2010.
Identifiers: BID-45401, CVE-2010-4605, CVE-2010-4606, IC65491, IC66686, IC69150, VIGILANCE-VUL-10220.

Description of the vulnerability

Three vulnerabilities were announced in the Unix/Linux IBM Tivoli Storage Manager client.

A local attacker can use a long LANG environment variable, in order to generate a buffer overflow in the GeneratePassword() function of the dsmtca program (Trusted Communications Agent). The attacker can thus execute code and access to system files on the computer. [severity:2/4; IC65491]

A local attacker can replace system files of the computer. [severity:2/4; CVE-2010-4605, IC66686]

A remote attacker can execute a script via TSM for Space Management (HSM), in order to access to files on the computer. [severity:3/4; CVE-2010-4606, IC69150]

A local or remote attacker can therefore use three vulnerabilities of the Unix/Linux IBM TSM Client, in order to read, alter or delete files.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2010-3754 CVE-2010-3755 CVE-2010-3756

IBM TSM: several vulnerabilities of FastBack

Synthesis of the vulnerability

A remote attacker can use several vulnerabilities of IBM Tivoli Storage Manager Fastback, in order to create a denial of service or to execute code.
Impacted products: Tivoli Storage Manager.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 30/09/2010.
Identifiers: 1443820, CVE-2010-3754, CVE-2010-3755, CVE-2010-3756, CVE-2010-3757, CVE-2010-3758, CVE-2010-3759, CVE-2010-3760, VIGILANCE-VUL-9988, ZDI-10-179, ZDI-10-180, ZDI-10-181, ZDI-10-182, ZDI-10-183, ZDI-10-184, ZDI-10-185, ZDI-10-186, ZDI-10-187, ZDI-10-188, ZDI-10-200.

Description of the vulnerability

Several vulnerabilities were announced in IBM Tivoli Storage Manager Fastback.

An attacker can send an UDP packet to the Mount service (FastBackMount.exe, 30005/udp), in order to change a byte in memory. [severity:3/4; CVE-2010-3759, ZDI-10-179]

An attacker can send a long log message to the FastBackServer.exe server (11406/tcp), in order to generate an overflow in AGI_SendToLog(). [severity:3/4; CVE-2010-3758, ZDI-10-180]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to generate an overflow in _AGI_S_ActivateLTScriptReply(). [severity:3/4; CVE-2010-3758, ZDI-10-181]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to generate an overflow in FXCLI_OraBR_Exec_Command(). [severity:3/4; CVE-2010-3754, ZDI-10-182]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to generate an overflow in FXCLI_checkIndexDBLocation(). [severity:3/4; CVE-2010-3758, ZDI-10-183]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to generate an overflow in USER_S_AddADGroup(). [severity:3/4; CVE-2010-3758, ZDI-10-184]

An attacker can send a special message to the FastBackServer.exe server (11406/tcp), in order to generate a format string attack in _Eventlog(). [severity:3/4; CVE-2010-3757, ZDI-10-185]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to generate an error in _CalcHashValueWithLength(), which stops the service. [severity:2/4; CVE-2010-3756, ZDI-10-186]

An attacker can send a long message to the FastBackServer.exe server (11406/tcp), in order to dereference a NULL pointer in _DAS_ReadBlockReply(), which stops the service. [severity:2/4; CVE-2010-3755, ZDI-10-187]

An attacker can send a long 0xFAFBFCFD message to the FastBackServer.exe server (1320/tcp), in order to generate a buffer overflow. [severity:3/4; ZDI-10-200]

An attacker can send a malicious packet to the Mount service (FastBackMount.exe, 30051/tcp), in order to dereference a NULL pointer. [severity:1/4; CVE-2010-3760, ZDI-10-188]

A remote attacker can therefore use several vulnerabilities of IBM Tivoli Storage Manager Fastback, in order to create a denial of service or to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2010-3058 CVE-2010-3059 CVE-2010-3060

IBM Tivoli Storage Manager FastBack: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in IBM Tivoli Storage Manager FastBack.
Impacted products: Tivoli Storage Manager.
Severity: 2/4.
Consequences: data reading, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 20/08/2010.
Identifiers: 1443820, BID-42549, CVE-2010-3058, CVE-2010-3059, CVE-2010-3060, CVE-2010-3061, VIGILANCE-VUL-9857.

Description of the vulnerability

Several vulnerabilities were announced in IBM Tivoli Storage Manager FastBack.

The Mount service uses an UDP port to communicate with clients. An attacker can connect to this port and send malicious data in order to corrupt memory or execute code. [severity:2/4; CVE-2010-3058]

An attacker can force the server to execute remote code. When this occurs, a buffer overflow happens. An attacker can therefore generate a buffer overflow in FastBack Server in order to read or write data. [severity:2/4; CVE-2010-3059]

An attacker can connect to the server and send malicious data in order to generate a denial of service. [severity:2/4; CVE-2010-3061]

An attacker can connect to the server and send malicious Shell data in order to generate a denial of service. [severity:2/4; CVE-2010-3060]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2009-3555 CVE-2010-0472 CVE-2010-3196

Tivoli Storage Manager: vulnerabilities de DB2

Synthesis of the vulnerability

Four vulnerabilities of IBM DB2 impact IBM Tivoli Storage Manager Server.
Impacted products: Tivoli Storage Manager.
Severity: 2/4.
Consequences: privileged access/rights, data reading, data creation/edition, denial of service on service.
Provenance: user account.
Number of vulnerabilities in this bulletin: 4.
Creation date: 27/07/2010.
Identifiers: BID-36935, BID-38018, BID-40446, CVE-2009-3555, CVE-2010-0472, CVE-2010-3196, CVE-2010-3197, IC67008, IC67819, IC67848, IC68762, IC69118, VIGILANCE-VUL-9793.

Description of the vulnerability

The VIGILANCE-VUL-9677 bulletin describes 4 vulnerabilities of IBM DB2 9.7.

These vulnerabilities also impact IBM Tivoli Storage Manager Server version 6.2, because IBM DB2 version 9.7 Fixpack 2 is not installed.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2009-3853 CVE-2009-3854 CVE-2009-3855

IBM TSM: several vulnerabilities of the client

Synthesis of the vulnerability

Three vulnerabilities of the IBM Tivoli Storage Manager client can be used by an attacker to execute code.
Impacted products: Tivoli Storage Manager.
Severity: 3/4.
Consequences: data reading, data creation/edition, data deletion.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 05/11/2009.
Revision date: 21/12/2009.
Identifiers: 1405562, BID-36916, CVE-2008-4826-REJECT, CVE-2009-3853, CVE-2009-3854, CVE-2009-3855, IC54489, IC61036, IC61058, VIGILANCE-VUL-9171.

Description of the vulnerability

Three vulnerabilities of the IBM Tivoli Storage Manager client can be used by an attacker to execute code.

An attacker can generate a buffer overflow in Client Acceptor Daemon (CAD) scheduler. The attacker can then execute code. [severity:3/4; CVE-2009-3853, IC61036]

An attacker can generate a buffer overflow in Traditional Client Scheduler. The attacker can then execute code. [severity:3/4; CVE-2009-3854, IC61058]

A vulnerability exists for OS/400 API, UNIX and Linux backup-archive clients when MAILPROG option is used. An attacker can access victim's files by bypassing access restrictions. [severity:3/4; CVE-2009-3855, IC54489]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2008-4828 CVE-2009-1520 CVE-2009-1521

IBM TSM: several vulnerabilities of the client

Synthesis of the vulnerability

Four vulnerabilities of the IBM Tivoli Storage Manager client can be used by an attacker to execute code.
Impacted products: Tivoli Storage Manager.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 04/05/2009.
Revision date: 21/12/2009.
Identifiers: 1384389, BID-34803, CERTA-2009-AVI-178, CVE-2008-4828, CVE-2009-1520, CVE-2009-1521, CVE-2009-1522, IC59513, IC59779, IC59781, IC59994, VIGILANCE-VUL-8689.

Description of the vulnerability

Four vulnerabilities of the IBM Tivoli Storage Manager client can be used by an attacker to execute code.

An attacker can generate two buffer overflows in Web GUI and Java GUI clients (IBM Tivoli Storage Manager Agent Client, dsmagent.exe). The attacker can then execute code. [severity:3/4; CERTA-2009-AVI-178, CVE-2008-4828, IC59513]

An attacker can generate a buffer overflow in the Web GUI client. The attacker can then execute code. [severity:3/4; CVE-2009-1520, IC59994]

An attacker can access to victim's files via Java GUI. [severity:3/4; CVE-2009-1521, IC59779]

An attacker can use a Man-in-the-middle on the SSL session (AIX and Windows only) to read victim's files. [severity:3/4; CVE-2009-1522, IC59781]
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about TSM: