IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure

High severity; Nessus Plugin ID 91502

Synopsis

A remote backup service is affected by an information disclosure vulnerability.

Description

The IBM Tivoli Storage Manager FastBack Server running on the remote host is affected by an information disclosure vulnerability due to improper processing of opcode 1329. An unauthenticated, remote attacker can exploit this by sending a crafted packet to TCP port 11460, allowing the attacker to read the contents of arbitrary files.

Note that the FastBack Server running on the remote host is reportedly affected by other vulnerabilities as well; however, this plugin has not tested for them.

Solution

Upgrade to IBM Tivoli Storage Manager FastBack version 6.1.12 or later.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-15-268/

http://www.nessus.org/u?bc221f52

Plugin Details

Severity: High

ID: 91502

File Name: ibm_tsm_fastback_server_opcode_1329_info_disclosure.nasl

Version: 1.4

Type: remote

Family: General

Published: 6/7/2016

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 5.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_fastback

Required KB Items: IBM Tivoli Storage Manager FastBack Server, Services/tsm-fastback

Exploit Ease: No known exploits are available

Patch Publication Date: 7/2/2015

Vulnerability Publication Date: 5/18/2015

Reference Information

CVE: CVE-2015-1941

BID: 75446