Vulnerability CVE-2009-3853 - CERT Civis.Net

Vulnerability Name:

CVE-2009-3853 (CCN-54127)

Assigned:

2009-11-03

Published:

2009-11-03

Updated:

2018-10-10

Summary:

Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7, 5.4 before 5.4.3, 5.5 before 5.5.2.2, and 6.1 before 6.1.0.2, and TSM Express 5.3.3.0 through 5.3.6.6, allows remote attackers to execute arbitrary code via crafted data in a TCP packet.

CVSS v3 Severity:

6.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Adjacent Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
7.7 High (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

5.8 Medium (CCN CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P)
4.8 Medium (CCN Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:P/I:P/A:P/E:F/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Adjacent_Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-3853

Source: CCN
Type: SA32534
IBM Tivoli Storage Manager Client Multiple Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
32534

Source: CCN
Type: Secunia Research 04/11/2009
Secunia Research: IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Source: MISC
Type: UNKNOWN
http://secunia.com/secunia_research/2008-51/

Source: CCN
Type: SECTRACK ID: 1023136
IBM Tivoli Storage Manager Client Buffer Overflows Let Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: UNKNOWN
1023136

Source: AIXAPAR
Type: Vendor Advisory
IC61036

Source: CCN
Type: IBM Support & downloads
IBM Tivoli Storage Manager (TSM) Client Security Fixes - November 2009

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21405562

Source: CCN
Type: OSVDB ID: 59632
IBM Tivoli Storage Manager Client CAD Service Unspecified Remote Overflow

Source: BUGTRAQ
Type: UNKNOWN
20091104 Secunia Research: IBM Tivoli Storage Manager CAD Service Buffer Overflow

Source: CCN
Type: BID-36916
IBM Tivoli Storage Manager Multiple Remote Vulnerabilities

Source: VUPEN
Type: Patch, Vendor Advisory
ADV-2009-3132

Source: XF
Type: UNKNOWN
tsm-cad-bo(54127)

Vulnerable Configuration:

Configuration 1:

cpe:/a:ibm:tivoli_storage_manager:5.2.5.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.2.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.3:*:express:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.4:*:express:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.5:*:express:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6:*:express:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.3.6.6:*:express:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.5.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.5.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:5.5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager:6.1.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:ibm:tivoli_storage_manager_client:5.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager_client:5.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_storage_manager_client:5.5.0:*:*:*:*:*:*:*

Denotes that component is vulnerable