|
|
|||
| Rule General Information |
|---|
| Release Date: | 2020-06-09 | |
| Rule Name: | IBM Tivoli Storage Manager Client CAD Service Buffer Overflow Vulnerability (CVE-2009-3853) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet. | |
| Impact: | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks includes arbitrary code execution and denial of service. | |
| Affected OS: | Windows | |
| Reference: | SecurityTrackerID:1023136 http://www.securityfocus.com/archive/1/507654/100/0/threaded http://www.vupen.com/english/advisories/2009/3132 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www-01.ibm.com/support/docview.wss?uid=swg21405562 |