IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12.1 Multiple Vulnerabilities

critical Nessus Plugin ID 85254

Synopsis

The remote backup service is affected by multiple vulnerabilities.

Description

The version of IBM Tivoli Storage Manager FastBack running on the remote host is 6.1.x prior to 6.1.12.1. It is, therefore, affected by multiple stack-based buffer overflow conditions that can be exploited by a remote attacker, using specially crafted packets, to cause a denial of service or possibly execute arbitrary code in the SYSTEM context :

- User-supplied input is not properly validated when handling opcode 4115, resulting in a buffer overflow.
(CVE-2015-4931)

- User-supplied input is not properly validated when handling opcode 1365 in a Files Restore Agents list, resulting in a buffer overflow. (CVE-2015-4932)

- User-supplied input is not properly validated when handling opcode 1365 in a Volume Restore Agents list, resulting in a buffer overflow. (CVE-2015-4933)

- User-supplied input is not properly validated when handling opcode 8192, resulting in a buffer overflow.
(CVE-2015-4934)

- User-supplied input is not properly validated when handling opcode 4755, resulting in a buffer overflow.
(CVE-2015-4935)

Solution

Upgrade to IBM Tivoli Storage Manager FastBack version 6.1.12.1 or later.

See Also

http://www-01.ibm.com/support/docview.wss?uid=swg21961928

https://www.zerodayinitiative.com/advisories/ZDI-15-375/

https://www.zerodayinitiative.com/advisories/ZDI-15-373/

https://www.zerodayinitiative.com/advisories/ZDI-15-374/

https://www.zerodayinitiative.com/advisories/ZDI-15-376/

https://www.zerodayinitiative.com/advisories/ZDI-15-372/

Plugin Details

Severity: Critical

ID: 85254

File Name: ibm_tsm_fastback_server_6_1_12_1.nasl

Version: 1.7

Type: remote

Family: General

Published: 8/6/2015

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_fastback

Required KB Items: IBM Tivoli Storage Manager FastBack Server, Services/tsm-fastback

Exploit Ease: No known exploits are available

Patch Publication Date: 7/28/2015

Vulnerability Publication Date: 7/28/2015

Reference Information

CVE: CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, CVE-2015-4934, CVE-2015-4935