Vulnerability Name: CVE-2006-5855 (CCN-30699)
Assigned: 2006-12-04
Published: 2006-12-04
Updated: 2018-10-17
Summary: Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MITRE Type: CNA CVE-2006-5855
Source: CCN Type: SA23177 IBM Tivoli Storage Manager Buffer Overflow Vulnerabilities
Source: SECUNIA Type: Vendor Advisory 23177
Source: SREASON Type: UNKNOWN 1979
Source: CCN Type: SECTRACK ID: 1017333 IBM Tivoli Storage Manager Request Processing Buffer Overflows Let Remote Users Execute Arbitrary Code
Source: SECTRACK Type: UNKNOWN 1017333
Source: AIXAPAR Type: Patch, Vendor Advisory IC50347
Source: CCN Type: IBM Support & downloads TSM Server Abend with Invalid Requests
Source: CONFIRM Type: Patch, Vendor Advisory http://www-1.ibm.com/support/docview.wss?uid=swg21250261
Source: CCN Type: US-CERT VU#350625 IBM Tivoli Storage Manager SmExecuteWdsfSession( ) function vulnerable to buffer overflow
Source: CERT-VN Type: US Government Resource VU#350625
Source: CCN Type: US-CERT VU#478753 IBM Tivoli Storage Manager vulnerable to a buffer overflow
Source: CERT-VN Type: US Government Resource VU#478753
Source: CCN Type: US-CERT VU#887249 IBM Tivoli Storage Manager Server vulnerable to buffer overflow
Source: CERT-VN Type: US Government Resource VU#887249
Source: BUGTRAQ Type: UNKNOWN 20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
Source: BID Type: Patch, Vendor Advisory 21440
Source: CCN Type: BID-21440 IBM Tivoli Storage Manager Multiple Buffer Overflow Vulnerabilities
Source: CCN Type: TSRT-06-14 IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
Source: MISC Type: Vendor Advisory http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
Source: VUPEN Type: UNKNOWN ADV-2006-4856
Source: XF Type: UNKNOWN tivoli-login-language-bo(30699)
Source: XF Type: UNKNOWN tivoli-smexecutewdsfsession-bo(30701)
Source: XF Type: UNKNOWN tivoli-registration-message-bo(30702)
Vulnerable Configuration: Configuration 1: Configuration CCN 1:
Vulnerability Name: CVE-2006-5855 (CCN-30701)
Assigned: 2006-12-04
Published: 2006-12-04
Updated: 2018-10-17
Summary: Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Type: CWE-Other
Vulnerability Consequences: Gain Access
References:
Source: MITRE Type: CNA CVE-2006-5855
Source: CCN Type: SA23177 IBM Tivoli Storage Manager Buffer Overflow Vulnerabilities
Source: CCN Type: SECTRACK ID: 1017333 IBM Tivoli Storage Manager Request Processing Buffer Overflows Let Remote Users Execute Arbitrary Code
Source: CCN Type: IBM Support & downloads TSM Server Abend with Invalid Requests
Source: CCN Type: US-CERT VU#350625 IBM Tivoli Storage Manager SmExecuteWdsfSession( ) function vulnerable to buffer overflow
Source: CCN Type: US-CERT VU#478753 IBM Tivoli Storage Manager vulnerable to a buffer overflow
Source: CCN Type: US-CERT VU#887249 IBM Tivoli Storage Manager Server vulnerable to buffer overflow
Source: CCN Type: BID-21440 IBM Tivoli Storage Manager Multiple Buffer Overflow Vulnerabilities
Source: CCN Type: TSRT-06-14 IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
Source: XF Type: UNKNOWN tivoli-smexecutewdsfsession-bo(30701)
Vulnerability Name: CVE-2006-5855 (CCN-30702)
Assigned: 2006-12-04
Published: 2006-12-04
Updated: 2006-12-04
Summary: IBM Tivoli Storage Manager (TSM) is vulnerable to a buffer overflow, caused by improper bounds checking of the contact field in the open registration message process. By sending a specially-crafted registration message containing an overly long contact field to TCP port 1500, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the TSM service to crash.
CVSS v3 Severity: 10.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
CVSS v2 Severity:
10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
7.4 High (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Vulnerability Consequences: Gain Access
References:
Source: MITRE Type: CNA CVE-2006-5855
Source: CCN Type: SA23177 IBM Tivoli Storage Manager Buffer Overflow Vulnerabilities
Source: CCN Type: SECTRACK ID: 1017333 IBM Tivoli Storage Manager Request Processing Buffer Overflows Let Remote Users Execute Arbitrary Code
Source: CCN Type: IBM Support & downloads TSM Server Abend with Invalid Requests
Source: CCN Type: US-CERT VU#350625 IBM Tivoli Storage Manager SmExecuteWdsfSession( ) function vulnerable to buffer overflow
Source: CCN Type: US-CERT VU#478753 IBM Tivoli Storage Manager vulnerable to a buffer overflow
Source: CCN Type: US-CERT VU#887249 IBM Tivoli Storage Manager Server vulnerable to buffer overflow
Source: CCN Type: BID-21440 IBM Tivoli Storage Manager Multiple Buffer Overflow Vulnerabilities
Source: CCN Type: TSRT-06-14 IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
Source: XF Type: UNKNOWN tivoli-registration-message-bo(30702)
Vulnerable Configuration: Configuration CCN 1: