The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.
https://exchange.xforce.ibmcloud.com/vulnerabilities/49535
http://www.vupen.com/english/advisories/2009/0881
http://www.securityfocus.com/bid/34285
http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395
http://www-01.ibm.com/support/docview.wss?uid=swg21375360
http://www-01.ibm.com/support/docview.wss?uid=swg21246076