iXsecurity.20020328.tivoli_tsm_dsmsvc.a
From: Patrik Karlsson (patrik@cqure.net)Date: 04/12/02
- Previous message: Solar Designer: "Re: local root compromise in openbsd 3.0 and below"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 11 Apr 2002 21:05:20 -0100 (GMT+1) From: "Patrik Karlsson" <patrik@cqure.net> To: <bugtraq@securityfocus.com>
iXsecurity Security Vulnerability Report
No: iXsecurity.20020328.tivoli_tsm_dsmsvc.a
===========================================
Vulnerability Summary
---------------------
Problem: The Tivoli Storage Manager webserver, running
on port 1580, has a buffer overflow condition.
Threat: An attacker could cause the service to crash,
and execute arbitrary code.
Affected Software: The exposure exists in versions 4.2.x.x.
Platform: Windows NT4/2000.
Vulnerability Description
-------------------------
The webserver bound to 1580 (dsmsvc.exe) has a buffer overflow condition.
If an attacker would login, using the login form, with a username of
approx. 1976 characters long, he would overwrite EIP. This would lead to
the service crashing, and the possibility of arbitrary code execution.
Solution
--------
See APAR IC33212
Apply Patch V4.2.1.15 currently available at
http://www.tivoli.com/support/storage_mgr/servers.html
For additional information or assistance please contact your
IBM Service Representative at 1-800-IBM-SERV
Additional Information
----------------------
Tivoli was contacted 20020328.
This vulnerability was found by
Patrik Karlsson & Jonas Ländin
patrik.karlsson@ixsecurity.com
jonas.landin@ixsecurity.com
This document is also available at: http://www.cqure.net/advisories/
- Previous message: Solar Designer: "Re: local root compromise in openbsd 3.0 and below"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
