IBM Tivoli Storage Manager FastBack Server Opcode 1329 Information Disclosure

Severity: High. Nessus Plugin ID: 91502

Synopsis

A remote backup service is affected by an information disclosure vulnerability.

Description

The IBM Tivoli Storage Manager FastBack Server running on the remote host is affected by an information disclosure vulnerability due to improper processing of opcode 1329. An unauthenticated, remote attacker can exploit this by sending a crafted packet to TCP port 11460 and thereby read the contents of arbitrary files.

Note that the FastBack Server running on the remote host is reportedly affected by other vulnerabilities as well; however, this plugin has not tested for them.

Solution

Upgrade to IBM Tivoli Storage Manager FastBack version 6.1.12 or later.

See Also

http://www.zerodayinitiative.com/advisories/ZDI-15-268/

http://www.nessus.org/u?bc221f52

Plugin Details

Severity: High

ID: 91502

File Name: ibm_tsm_fastback_server_opcode_1329_info_disclosure.nasl

Version: $Revision: 1.2 $

Type: remote

Family: General

Published: 2016/06/07

Modified: 2016/06/08

Dependencies: 83300, 11936

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.8

Temporal Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ibm:tivoli_storage_manager_fastback

Required KB Items: IBM Tivoli Storage Manager FastBack Server, Services/tsm-fastback

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/07/02

Vulnerability Publication Date: 2015/05/18

Reference Information

CVE: CVE-2015-1941

BID: 75446

ZDI: ZDI-15-268