APP: IBM Tivoli Storage Manager FastBack Server Opcode 1335 Format String

This signature detects attempts to exploit a known vulnerability in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient sanitization of the parameters of Opcode 1335 requests. Successful exploitation could lead to arbitrary code execution within the context of the running application.

Extended Description

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

Affected Products

IBM tivoli_storage_manager_fastback

Short Name
APP:IBM:TIVOLI-SRV-OP1335
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
1335 CVE-2015-1953 FastBack Format IBM Manager Opcode Server Storage String Tivoli
Release Date
01/19/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
Port
TCP/11460
False Positive
Unknown
Vendors

IBM

CVSS Score

7.8
