Technical Description

Two vulnerabilities have been identified in IBM Tivoli Storage Manager Client, which could be exploited by attackers to obtain sensitive information, cause a denial of service or take complete control of an affected system.

The first issue is caused by a buffer overflow error in the Client Acceptor Daemon (CAD) when processing malformed requests, which could be exploited by attackers to crash a vulnerable system or execute arbitrary code.

The second vulnerability is caused by an unspecified error when using server-initiated prompted scheduling, which could be exploited by attackers to gain unauthorized access to the client's data.

Affected Products

IBM Tivoli Storage Manager Client version 5.1
IBM Tivoli Storage Manager Client version 5.2
IBM Tivoli Storage Manager Client version 5.3
IBM Tivoli Storage Manager Client version 5.4

Solution

Apply client update package 5.4.1.2 (UK27738 and UK27739) :
http://www.ibm.com/support/docview.wss?uid=swg24016585

Apply client update package 5.3.5.3 (UK29248 and UK29249) :
http://www.ibm.com/support/docview.wss?uid=swg24016838

Apply client update packages 5.2.5.2 and 5.1.8.1 :
http://www.ibm.com/support/docview.wss?uid=swg24016985
http://www.ibm.com/support/docview.wss?uid=swg24016586

References

http://www.vupen.com/english/advisories/2007/3228
http://www-1.ibm.com/support/docview.wss?uid=swg21268775

Credits

Vulnerabilities reported by Sebastian Apelt and ZDI.

ChangeLog

2007-09-20 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time e-mail and SMS alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.