IBM Tivoli Storage Manager Client Multiple Vulnerabilities (swg21268775)

Critical Nessus Plugin ID 26187


The remote backup client is susceptible to multiple attacks.


The remote host is running an IBM Tivoli Storage Manager (TSM) client.

The version of the TSM client installed on the remote host reportedly contains a buffer overflow vulnerability in its Client Acceptor Daemon (CAD) service. Using an HTTP request with a long Host header, a remote attacker may be able to exploit this issue to crash the affected host or to execute arbitrary commands with administrative privileges.

In addition, the use of server-initiated prompted scheduling may allow unauthorized access to the client's data under certain conditions.


Upgrade to Tivoli Storage Manager version / / / backup-archive client or the Tivoli Storage Manager Express client.

Plugin Details

Severity: Critical

ID: 26187

File Name: ibm_tsm_client_swg21268775.nasl

Version: $Revision: 1.16 $

Type: remote

Family: Web Servers

Published: 2007/09/25

Modified: 2016/11/23

Dependencies: 10107

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_client

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2007/09/21

Vulnerability Publication Date: 2007/09/21

Exploitable With


Core Impact

Metasploit (IBM Tivoli Storage Manager Express CAD Service Buffer Overflow)

Reference Information

CVE: CVE-2007-4880, CVE-2007-5022

BID: 25743

OSVDB: 38161, 38162

CWE: 119, 200