Short Name |
APP:IBM:TIVOLI-SRV-OP1335 |
---|---|
Severity |
Major |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
IBM Tivoli Storage Manager FastBack Server Opcode 1335 Format String |
Release Date |
2016/01/19 |
Update Number |
2621 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization on parameters of Opcode 1335 requests. Successful exploitation could lead to arbitrary code execution within the context of the running application.
Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.