Описание
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-5855
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30699
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30701
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30702
- http://secunia.com/advisories/23177
- http://securityreason.com/securityalert/1979
- http://securitytracker.com/id?1017333
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347
- http://www-1.ibm.com/support/docview.wss?uid=swg21250261
- http://www.kb.cert.org/vuls/id/350625
- http://www.kb.cert.org/vuls/id/478753
- http://www.kb.cert.org/vuls/id/887249
- http://www.securityfocus.com/archive/1/453544/100/0/threaded
- http://www.securityfocus.com/bid/21440
- http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
- http://www.vupen.com/english/advisories/2006/4856
EPSS
CVE ID
Связанные уязвимости
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
EPSS