News
Vigil@nce - IBM Tivoli Storage Manager FastBack: several vulnerabilities
August 2010 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
Several vulnerabilities were announced in IBM Tivoli Storage Manager FastBack.
Severity: 2/4
Creation date: 20/08/2010
DESCRIPTION OF THE VULNERABILITY
Several vulnerabilities were announced in IBM Tivoli Storage Manager FastBack.
The Mount service uses a UDP port to communicate with clients. An attacker can connect to this port and send malicious data in order to corrupt memory or execute code. [severity:2/4; CVE-2010-3058]
An attacker can force the server to execute remote code. When this occures, a buffer overflow happens. An attacker can therefore generate a buffer overflow in FastBack Server in order to read or write data. [severity:2/4; CVE-2010-3059]
An attacker can connect to this server and send malicious data in order to generate a denial of service. [severity:2/4; CVE-2010-3061]
An attacker can connect to the server and send malicious Shell data in order to generate a denial of service. [severity:2/4; CVE-2010-3060]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
GOLD SPONSOR
