Vigil@nce: IBM Tivoli Storage Manager, three vulnerabilities in the client
July 2011 by Vigil@nce
This bulletin was written by Vigil@nce: http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can exploit three vulnerabilities in the IBM
Tivoli Storage Manager client to alter a file or to cause a
denial of service.
– Severity: 2/4
– Creation date: 04/07/2011
IMPACTED PRODUCTS
– IBM Tivoli Storage Manager
DESCRIPTION OF THE VULNERABILITY
Three vulnerabilities were announced in the IBM Tivoli Storage
Manager client.
On Windows and AIX, a local attacker can exploit a buffer overflow
in JBB (Journal Based Backup) to elevate their privileges.
[severity:2/4; CVE-2011-1222, IC77049]
On Windows, a local attacker can exploit a buffer overflow in the
processing of Alternate Data Streams to elevate their
privileges. [severity:2/4; CVE-2011-1223, IC77052]
On Windows with Microsoft EFS encryption, a local attacker can
use an Alternate Data Stream to corrupt the backup.
[severity:1/4; IC74905]
A local attacker can therefore exploit three vulnerabilities in
the IBM Tivoli Storage Manager client to alter a file or to
cause a denial of service.