This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.
The remote backup client is susceptible to multiple attacks.
The remote host is running an IBM Tivoli Storage Manager (TSM) client.
The version running on the remote host has one or more of the
following vulnerabilities :
- A remote stack-based buffer overflow in the client
acceptor daemon (CAD) scheduler could lead to the
execution of arbitrary code. (CVE-2009-3853)
- A remote, stack-based buffer overflow in the traditional
scheduler could lead to the execution of arbitrary
- There is an unspecified, unauthorized access
vulnerability in the Unix, Linux, and OS/400 API clients
when specifying the MAILPROG option. This vulnerability
reportedly allows a remote attacker to modify arbitrary
files on the remote host. (CVE-2009-2855)
Upgrade to the relevant version of Tivoli Storage Manager client
referenced in the vendor's advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true