IBM Tivoli Storage Manager < 184.108.40.206/220.127.116.11/18.104.22.168/5.5.2 Multiple Vulnerabilities
High Nessus Network Monitor Plugin ID 5016
SynopsisThe remote host is vulnerable to multiple attack vectors
DescriptionThe remote host is running the IBM Tivoli Storage Manager.
This version of TSM is reported vulnerable to multiple remote buffer overflows. An attacker, exploiting these flaws, would be able to execute arbitrary code on the remote system. In addition, the application is vulnerable to a flaw wherein attackers may be able to access confidential data on the remote system. Lastly, a vulnerability exists wherein attackers can execute man-in-the-middle attacks against the Windows and AIX SSL client.
SolutionThe vendor has released versions 22.214.171.124, 126.96.36.199, 188.8.131.52, and 5.5.2 to address these issues