This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote backup service is affected by multiple vulnerabilities.
The version of IBM Tivoli Storage Manager FastBack running on the
remote host is 5.5.x or 6.1.x prior to 188.8.131.52. It is, therefore,
affected by multiple vulnerabilities :
- Multiple buffer overflow conditions exist in server
command processing due to improper bounds checking of
user-supplied input. An unauthenticated, remote attacker
can exploit these to cause a buffer overflow, resulting
in a denial of service or the execution of arbitrary
code with system privileges. (CVE-2015-8519,
CVE-2015-8520, CVE-2015-8521, CVE-2015-8522)
- A denial of service vulnerability exists that allows an
unauthenticated, remote attacker to shut down the
service via a specially crafted TCP packet.
See also :
Upgrade to IBM Tivoli Storage Manager FastBack version 184.108.40.206 or
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.4
Public Exploit Available : false