1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: IBM Tivoli Storage Manager FastBack Mount Buffer Overflow

Attack: IBM Tivoli Storage Manager FastBack Mount Buffer Overflow

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Additional Information

IBM Tivoli Storage Manager FastBack is storage management and recovery software.

IBM Tivoli Storage Manager FastBack is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Specifically, this issue affects the 'CRYPTO_S_EncryptBufferToBuffer' function. An attacker can exploit this issue by sending a specially crafted packet to TCP port 30051.

Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

Affected

  • IBM Tivoli Storage Manager FastBack 6.1.11 and earlier versions are vulnerable;
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube