IBM Tivoli Storage Manager Server 6.2 < 6.2.7 / 6.3 < 6.3.5 / 7.1 < 7.1.1 GSKit X.509 Certificate Chain DoS
High Nessus Plugin ID 80478
SynopsisThe remote backup service is affected by a denial of service vulnerability.
DescriptionThe version of IBM Tivoli Storage Manager installed on the remote host is affected by a denial of service vulnerability. A remote attacker can exploit this issue via malformed X.509 certificate chain to cause the host to become unresponsive.
SolutionUpgrade IBM Tivoli Storage Manager or apply the correct GSKit patch.
Alternatively, apply the workaround per the vendor advisory.