CyberSec.Space Logo
返回 CVE 浏览器

CVE-2013-6335

LOW
3.3
CVSS Severity Score
EPSS Score0.1730%
EPSS Percentile1.70th
Published2014年8月26日
Last Modified2026年5月6日

Vulnerability Description

The Backup-Archive client in IBM Tivoli Storage Manager (TSM) for Space Management 5.x and 6.x before 6.2.5.3, 6.3.x before 6.3.2, 6.4.x before 6.4.2, and 7.1.x before 7.1.0.3 on Linux and AIX, and 5.x and 6.x before 6.1.5.6 on Solaris and HP-UX, does not preserve file permissions across backup and restore operations, which allows local users to bypass intended access restrictions via standard filesystem operations.

Affected Platforms (CPE)

📦
Ibm

Tivoli Storage Manager

>= 5.1 and < 6.2.5.3
📦
Ibm

Tivoli Storage Manager

>= 6.3.0 and < 6.3.2
📦
Ibm

Tivoli Storage Manager

>= 6.4.0 and < 6.4.2
📦
Ibm

Tivoli Storage Manager

>= 7.1.0.0 and < 7.1.0.3
📦
Ibm

Tivoli Storage Manager

>= 5.1 and < 6.1.5.6

References & Advisories

🔗 http://secunia.com/advisories/60482
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1IC96095
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21680453
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/89054
🔗 http://secunia.com/advisories/60482
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg1IC96095
🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21680453
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/89054

相关漏洞威胁

CVE-2006-585510.0

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause ...

CVE-2007-488010.0

Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5....

CVE-2003-136110.0

Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attack...

CVE-2008-024710.0

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 befor...