This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.
The remote backup client is susceptible to multiple attacks.
The remote host is running an IBM Tivoli Storage Manager (TSM) client.
The version of the TSM client installed on the remote host reportedly
contains a buffer overflow vulnerability in its Client Acceptor Daemon
(CAD) service. Using an HTTP request with a long Host header, a
remote attacker may be able to exploit this issue to crash the
affected host or to execute arbitrary commands with administrative
In addition, the use of server-initiated prompted scheduling also may
allow unauthorized access to the client's data under certain
See also :
Upgrade to Tivoli Storage Manager version 18.104.22.168 / 22.214.171.124 / 126.96.36.199
/ 188.8.131.52 backup-archive client or the Tivoli Storage Manager Express
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Web Servers
Nessus Plugin ID: 26187 (ibm_tsm_client_swg21268775.nasl)
Bugtraq ID: 25743
CVE ID: CVE-2007-4880CVE-2007-5022
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.