This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.
The remote backup client is susceptible to multiple attacks.
The remote host is running an IBM Tivoli Storage Manager (TSM) client.
The version of the TSM client installed on the remote host reportedly
contains a buffer overflow vulnerability in its Client Acceptor Daemon
(CAD) service. Using an HTTP request with a long Host header, a
remote attacker may be able to exploit this issue to crash the
affected host or to execute arbitrary commands with administrative
In addition, the use of server-initiated prompted scheduling also may
allow unauthorized access to the client's data under certain
See also :
Upgrade to Tivoli Storage Manager version 220.127.116.11 / 18.104.22.168 / 22.214.171.124
/ 126.96.36.199 backup-archive client or the Tivoli Storage Manager Express
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true