Signature Detail
Short Name |
APP:IBM:TSM-CLIENT-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Tivoli Storage Manager Client Buffer Overflow |
Release Date |
2007/10/30 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Tivoli Storage Manager Client Buffer Overflow
This signature detects attempts to exploit a known vulnerability in IBM Tivoli Client 5.1 through 5.4. An attacker can send a large HTTP Header line in an attempt to overflow a buffer and execute arbitrary code.
Extended Description
IBM Tivoli Storage Manager client is prone to multiple vulnerabilities that can allow attackers to crash the client, execute arbitrary code in the context of the application, or gain unauthorized access to a client's data. These issues affect Tivoli Storage Manager client 5.1, V5.2, V5.3, and V5.4.
Affected Products
- IBM Tivoli Storage Manager 5.1 Client
- IBM Tivoli Storage Manager 5.2.3 .4 Client
- IBM Tivoli Storage Manager 5.2 Client
- IBM Tivoli Storage Manager 5.3 Client
- IBM Tivoli Storage Manager 5.4 Client
References
- BugTraq: 25743
- CVE: CVE-2007-4880