1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: IBM Tivoli Storage Manager CVE-2009-3853

Attack: IBM Tivoli Storage Manager CVE-2009-3853

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a buffer overflow vulnerability in IBM Tivoli Storage Manager

Additional Information

IBM Tivoli Storage Manager is an application for automated backup and recovery of data.

The application is prone to multiple vulnerabilities:

1. A remote buffer-overflow vulnerability affects the client acceptor daemon (CAD) scheduler when handling malicious data.

2. A buffer-overflow vulnerability affects the traditional client scheduler when handling malicious data.

3. An unauthorized-access vulnerability in the UNIX and Linux backup-archive clients and the OS/400 API client arises when the 'MAILPROG' option is enabled. This may allow attackers to read, copy, edit, or delete files on affected computers.

Attackers can exploit these issues to cause a denial-of-service condition, to execute arbitrary code, and to manipulate files on a victim's computer. Other attacks may also be possible.

Affected

  • NA

Response

NA
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube