Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tivoli_storage_manager | Ibm | 4.2 (including) | 4.2 (including) |
| Tivoli_storage_manager | Ibm | 4.2.1 (including) | 4.2.1 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0126.html
- http://online.securityfocus.com/archive/1/267143
- http://www.iss.net/security_center/static/8817.php
- http://www.iss.net/security_center/static/8825.php
- http://www.securityfocus.com/bid/4492
- http://www.securityfocus.com/bid/4500
- http://www.tivoli.com/support/storage_mgr/flash_httpport.html
- http://archives.neohapsis.com/archives/bugtraq/2002-04/0126.html
- http://online.securityfocus.com/archive/1/267143
- http://www.iss.net/security_center/static/8817.php
- http://www.iss.net/security_center/static/8825.php
- http://www.securityfocus.com/bid/4492
- http://www.securityfocus.com/bid/4500
- http://www.tivoli.com/support/storage_mgr/flash_httpport.html