Short Name |
APP:IBM:TIVOLI-MAN-HEAP |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
IBM Tivoli Storage Manager Express Backup Heap Corruption |
Release Date |
2011/07/19 |
Update Number |
1957 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in IBM Tivoli Storage Manager. This vulnerability is due to a lack of validation of a user supplied value in a message. This value is later used as a counter to populate a fixed length heap buffer. A remote unauthenticated attacker may leverage this vulnerability to create a denial of service condition of the affected service, or inject and execute arbitrary code on the target host. In an attack case where code injection is not successful, the target IBM Tivoli Express Backup Server service will terminate. In a more sophisticated attack where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute with SYSTEM level privileges.
IBM Tivoli Storage Manager (TSM) Express and Enterprise servers are prone to a remote heap-based buffer-overflow vulnerability. Successfully exploiting this issue would allow a remote attacker to corrupt memory and execute arbitrary code in the context of the vulnerable application.