Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2006-5855

Опубликовано: 06 дек. 2006
Источник: nvd
CVSS2: 10
EPSS Средний

Описание

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:tivoli_storage_manager:5.2.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:5.2.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:5.3.3:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.68193
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

github логотип

GHSA-7r4r-3fxw-5p8q

github
почти 4 года назад

Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.

EPSS

Процентиль: 99%
0.68193
Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other