HOME > VULNERABILITY NOTES


   VULNERABILITY NOTE

 

CERT-In Vulnerability Note CIVN-2009-62
IBM Tivoli Storage Manager Remote Agent Service Buffer Overflow Vulnerabilities

Original Issue Date:May 11, 2009

Severity Rating: High

Systems Affected

  • IBM Tivoli Storage Manager Express 5.3
  • IBM Tivoli Storage Manager Express 5.3.3.0
  • IBM Tivoli Storage Manager Express 5.3.6.4
  • IBM Tivoli Storage Manager Client 5.2
  • IBM Tivoli Storage Manager Client 5.2.5.1
  • IBM Tivoli Storage Manager Client 5.2.5.2
  • IBM Tivoli Storage Manager Client 5.2.5.3
  • IBM Tivoli Storage Manager Client 5.3
  • IBM Tivoli Storage Manager Client 5.3.5.2
  • IBM Tivoli Storage Manager Client 5.3.5.3
  • IBM Tivoli Storage Manager Client 5.3.6.3
  • IBM Tivoli Storage Manager Client 5.3.6.4
  • IBM Tivoli Storage Manager Client 5.4
  • IBM Tivoli Storage Manager Client 5.4.1.1
  • IBM Tivoli Storage Manager Client 5.4.1.2
  • IBM Tivoli Storage Manager Client 5.4.1.96

Overview

Multiple vulnerabilities have been reported in IBM Tivoli Storage Manager (TSM) client, which could be exploited by remote attackers to bypass security restrictions and compromise a vulnerable system to cause unauthorized disclosure of information, modification of information and disruption of service.

Description

Multiple stack-based buffer overflow vulnerabilities exist in dsmagent.exe in the Remote Agent Service in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, and 5.4.0.0 through 5.4.1.96, and the TSM Express client 5.3.3.0 through 5.3.6.4. The exploitation of these vulnerabilities allow remote attackers to execute arbitrary code via a request packet that is not properly parsed by an unspecified "generic string handling function" or a crafted NodeName in a dicuGetIdentifyRequest request packet, related to the Web GUI and Java GUI.

Solution

The vendor has issued fixes to address problems described by APARs IC59513, IC59994, IC59779, and IC59781 in the advisory available at:

http://www-01.ibm.com/support/docview.wss?uid=swg21384389

Vendor Information

IBM
http://www-01.ibm.com/support/docview.wss?uid=swg1IC59513
http://www-01.ibm.com/support/docview.wss?uid=swg21384389

References

Secunia
http://secunia.com/advisories/cve_reference/CVE-2008-4828/
http://secunia.com/secunia_research/2008-55/

SecurityFocus
http://www.securityfocus.com/archive/1/archive/1/503182/100/0/
threaded

VUPEN Security
http://www.vupen.com/english/advisories/2009/1235

CVE Name
CVE-2008-4828

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003