IBM.Tivoli.Storage.Manager.Express.dsmsvc.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in IBM Tivoli Storage Manager Express.
The vulnerability is in the TSM Express Backup Server service (dsmsvc.exe). An attacker can overflow a heap buffer via a user supplied length value. This makes it possible to execute arbitrary code on vulnerable installations. Authentication is not required to exploit this vulnerability.
Affected Products
IBM Tivoli Storage Manager Express 5.3.
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
Recommended Actions
Upgrade to IBM Tivoli Storage Manager Express 5.3.7.3.
ftp://service.boulder.ibm.com/storage/tivoli-storage-management/patches/express/NT/5.3.7.3/TSMEXP5373.exe
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |