How to Buy
This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote backup client is susceptible to multiple attacks.
The remote host is running an IBM Tivoli Storage Manager (TSM) client.
The version running on the remote host has one or more of the
following vulnerabilities :
- A remote stack-based buffer overflow in the client
acceptor daemon (CAD) scheduler could lead to the
execution of arbitrary code. (CVE-2009-3853)
- A remote, stack-based buffer overflow in the traditional
scheduler could lead to the execution of arbitrary
- There is an unspecified, unauthorized access
vulnerability in the Unix, Linux, and OS/400 API clients
when specifying the MAILPROG option. This vulnerability
reportedly allows a remote attacker to modify arbitrary
files on the remote host. (CVE-2009-2855)
Upgrade to the relevant version of Tivoli Storage Manager client
referenced in the vendor's advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 42824 (ibm_tsm_client_swg21405562.nasl)
Bugtraq ID: 36916
CVE ID: CVE-2009-3853CVE-2009-3854CVE-2009-3855
Get Nessus Professional to scan unlimited IPs, run compliance checks & more
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.