CyberSec.Space Logo
Back to CVE Browser

CVE-2010-3758

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1370%
EPSS Percentile7.41th
PublishedOct 5, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScriptReply) function. NOTE: this might overlap CVE-2010-3059.

Affected Platforms (CPE)

πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.1
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.2
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.2.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.3.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.4.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.5.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 5.5.6.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 6.1.0.0
πŸ“¦
Ibm

Tivoli Storage Manager Fastback

= 6.1.0.1

References & Advisories

πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883
πŸ”— http://www.ibm.com/support/docview.wss?uid=swg21443820
πŸ”— http://www.securityfocus.com/archive/1/514059/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/514067/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/514072/100/0/threaded
πŸ”— http://www.securityfocus.com/archive/1/514078/100/0/threaded
πŸ”— http://zerodayinitiative.com/advisories/ZDI-10-180/
πŸ”— http://zerodayinitiative.com/advisories/ZDI-10-181/

Related Vulnerabilities

CVE-2010-375710.0

Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) Fast...

CVE-2010-375910.0

FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6....

CVE-2010-375410.0

The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 thr...

CVE-2010-376110.0

Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows ...