CVEブラウザに戻る

CVE-2006-5855

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0480%

EPSS Percentile12.80th

Published2006年12月6日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.

Affected Platforms (CPE)

📦

Ibm

Tivoli Storage Manager

= 5.2.7

📦

Ibm

Tivoli Storage Manager

= 5.2.8

📦

Ibm

Tivoli Storage Manager

= 5.3.0

📦

Ibm

Tivoli Storage Manager

= 5.3.1

📦

Ibm

Tivoli Storage Manager

= 5.3.2

📦

Ibm

Tivoli Storage Manager

= 5.3.3

References & Advisories

🔗 http://secunia.com/advisories/23177

🔗 http://securityreason.com/securityalert/1979

🔗 http://securitytracker.com/id?1017333

🔗 http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347

🔗 http://www-1.ibm.com/support/docview.wss?uid=swg21250261

🔗 http://www.kb.cert.org/vuls/id/350625

🔗 http://www.kb.cert.org/vuls/id/478753

🔗 http://www.kb.cert.org/vuls/id/887249

関連する脆弱性情報

CVE-2007-488010.0

Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5....

CVE-2008-024710.0

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 befor...

CVE-2003-136110.0

Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attack...

CVE-2009-152010.0

Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5....