Freely subscribe to our NEWSLETTER

This bulletin was written by Vigil@nce : http://vigilance.fr/

SYNTHESIS OF THE VULNERABILITY

Several vulnerabilities were announced in IBM Tivoli Storage
Manager FastBack.

Severity: 2/4

Creation date: 20/08/2010

DESCRIPTION OF THE VULNERABILITY

Several vulnerabilities were announced in IBM Tivoli Storage
Manager FastBack.

The Mount service uses a UDP port to communicate with clients. An
attacker can connect to this port and send malicious data in order
to corrupt memory or execute code. [severity:2/4; CVE-2010-3058]

An attacker can force the server to execute remote code. When this
occures, a buffer overflow happens. An attacker can therefore
generate a buffer overflow in FastBack Server in order to read or
write data. [severity:2/4; CVE-2010-3059]

An attacker can connect to this server and send malicious data in
order to generate a denial of service. [severity:2/4;
CVE-2010-3061]

An attacker can connect to the server and send malicious Shell
data in order to generate a denial of service. [severity:2/4;
CVE-2010-3060]

ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN

http://vigilance.fr/vulnerability/IBM-Tivoli-Storage-Manager-FastBack-several-vulnerabilities-9857