Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Tivoli_storage_manager | Ibm | * | 5.2.9 (including) |
| Tivoli_storage_manager | Ibm | 5.3.0 (including) | 5.3.0 (including) |
| Tivoli_storage_manager | Ibm | 5.3.1 (including) | 5.3.1 (including) |
| Tivoli_storage_manager | Ibm | 5.3.2 (including) | 5.3.2 (including) |
| Tivoli_storage_manager | Ibm | 5.3.3 (including) | 5.3.3 (including) |
References
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
- http://securityreason.com/securityalert/1979
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html