APP: IBM Tivoli Storage Manager Express Backup Heap Corruption
This signature detects attempts to exploit a known vulnerability in IBM Tivoli Storage Manager. This vulnerability is due to a lack of validation of a user supplied value in a message. This value is later used as a counter to populate a fixed length heap buffer. A remote unauthenticated attacker may leverage this vulnerability to create a denial of service condition of the affected service, or inject and execute arbitrary code on the target host. In an attack case where code injection is not successful, the target IBM Tivoli Express Backup Server service will terminate. In a more sophisticated attack where code injection is successful, the behaviour of the target is entirely dependent on the intended function of the injected code. The code in such a case would execute with SYSTEM level privileges.
Extended Description
IBM Tivoli Storage Manager (TSM) Express and Enterprise servers are prone to a remote heap-based buffer-overflow vulnerability. Successfully exploiting this issue would allow a remote attacker to corrupt memory and execute arbitrary code in the context of the vulnerable application.
Affected Products
Ibm tivoli_storage_manager
Short Name
APP:IBM:TIVOLI-MAN-HEAP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Backup CVE-2008-4563 Corruption Express Heap IBM Manager Storage Tivoli bid:34077
Release Date
07/19/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/1500
False Positive
Unknown
Vendors
Ibm
CVSS Score
10.0