IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure
High Nessus Plugin ID 91502
SynopsisA remote backup service is affected by an information disclosure vulnerability.
DescriptionThe IBM Tivoli Storage Manager FastBack Server running on the remote host is affected by an information disclosure vulnerability due to improper processing of opcode 1329. An unauthenticated, remote attacker can exploit this, by sending a crafted packet to TCP port 11460, to read the contents of arbitrary files.
Note that the FastBack Server running on the remote host is reportedly affected by other vulnerabilities as well; however, this plugin has not tested for them.
SolutionUpgrade to IBM Tivoli Storage Manager FastBack version 6.1.12 or later.