icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

IBM Tivoli Storage Manager < 5.2.5.4/5.3.6.6/5.4.2.7/5.5.2 Multiple Vulnerabilities

High

Synopsis

The remote host is vulnerable to multiple attack vectors

Description

The remote host is running the IBM Tivoli Storage Manager.

This version of TSM is reported vulnerable to multiple remote buffer overflows. An attacker, exploiting these flaws, would be able to execute arbitrary code on the remote system. In addition, the application is vulnerable to a flaw wherein attackers may be able to access confidential data on the remote system. Lastly, a vulnerability exists wherein attackers can execute man-in-the-middle attacks against the Windows and AIX SSL client.

Solution

The vendor has released versions 5.2.5.4, 5.3.6.6, 5.4.2.7, and 5.5.2 to address these issues