Short Name |
APP:IBM:TIVOLI-SRV-OP1301 |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
IBM Tivoli Storage Manager FastBack Server Opcode 1301 Format String |
Release Date |
2015/12/30 |
Update Number |
2603 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization on parameters of Opcode 1301 requests. Successful exploitation could lead to arbitrary code execution within the context of the running application.
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1938.