IBM Tivoli Storage Manager (TSM) Client Security Fixes - November 2009
Abstract

Fixes are available for three security vulnerabilities in the IBM Tivoli Storage Manager (TSM) client. The fixes address issues in the schedulers (described by APARs IC61036 and IC61058) and with the MAILPROG option (described by APAR IC54489).

Content
Three security vulnerabilities exist in the IBM Tivoli Storage Manager (TSM) client, as described below. Fixes are available (see SOLUTION below).

1. IC61036, CAD Scheduler Buffer Overrun:
A buffer overrun vulnerability exists in the client acceptor daemon (CAD) scheduler, which has the potential to crash the TSM client agent process or to allow malicious code injection. The malicious code could, for example, allow an unauthorized user to read, copy, alter, or delete files on the client machine.
The CAD scheduler is not the default scheduler, except on the Macintosh client and the TSM Express client. On non-Macintosh and non-Express clients, the CAD scheduler is only used if the MANAGEDSERVICES option is set to SCHEDULE.

| Client Release | Vulnerable Client Levels | First Level with Fix within that Release |
|---|---|---|
| TSM 6.1 | 6.1.0.0 through 6.1.0.1 | 6.1.0.2 |
| TSM 5.5 | 5.5.0.0 through 5.5.2.1 | 5.5.2.2 |
| TSM 5.4 | 5.4.0.0 through 5.4.2.7 | 5.4.3 |
| TSM 5.3 | 5.3.0.0 through 5.3.6.6 | 5.3.6.7 |
| TSM Express | 5.3.3.0 through 5.3.6.6 | 5.3.6.7 |

2. IC61058, Traditional Scheduler Buffer Overrun:
A buffer overrun vulnerability exists in the traditional client scheduler, which has the potential to crash the TSM client or to allow malicious code injection. The malicious code could, for example, allow an unauthorized user to read, copy, alter, or delete files on the client machine.
The traditional scheduler is the default scheduler for all clients except the Macintosh client and the TSM Express client.

| Client Release | Vulnerable Client Levels | First Level with Fix within that Release |
|---|---|---|
| TSM 5.4 | 5.4.0.0 through 5.4.1.6 | 5.4.2 |
| TSM 5.3 | 5.3.0.0 through 5.3.6.6 | 5.3.6.7 |
Versions 5.5 and 6.1 are unaffected by this vulnerability.

3. IC54489, Unauthorized Access with MAILPROG option:
An unauthorized access vulnerability exists in the UNIX and Linux backup-archive clients and the OS/400 API client when the MAILPROG option is specified. The vulnerability could, for example, allow an unauthorized user to read, copy, alter, or delete files on the client machine.

| Client Release | Vulnerable Client Levels | First Level with Fix within that Release |
|---|---|---|
| TSM 5.5 | 5.5.0.0 through 5.5.0.7 | 5.5.1 |
| TSM 5.4 | 5.4.0.0 through 5.4.1.6 | 5.4.2 |
| TSM 5.3 | 5.3.0.0 through 5.3.6.5 | 5.3.6.6 |
Version 6.1 is unaffected by this vulnerability.

SOLUTION:
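Before installing the packages listed below, the first step is to work out which client installations actually fall into a vulnerable range and use the affected component: IC61036 only matters where the CAD scheduler is in use, IC61058 only where the traditional scheduler is in use, and IC54489 only on UNIX, Linux or OS/400 API clients that have MAILPROG in their options file. The following Python script is an added example, not IBM's code and not part of this technote. It encodes the three vulnerability tables above, parses a constructed dsm.sys excerpt (the option keywords MANAGEDSERVICES and MAILPROG are the real TSM options named in this technote; the server name, address and mail command are made up), and reports which APARs apply for a given client level and platform. The platform labels ("mac", "express", "aix", and so on) are the script's own convention.

```python
"""Triage helper for the three TSM client APARs in this technote (added example)."""
import re

# First client level carrying each fix, per release line, from the
# vulnerability tables above. A level below this value within the same
# release line is in the vulnerable range.
FIRST_FIXED = {
    "IC61036": {"6.1": (6, 1, 0, 2), "5.5": (5, 5, 2, 2),
                "5.4": (5, 4, 3), "5.3": (5, 3, 6, 7)},                # CAD scheduler
    "IC61058": {"5.4": (5, 4, 2), "5.3": (5, 3, 6, 7)},                # traditional scheduler
    "IC54489": {"5.5": (5, 5, 1), "5.4": (5, 4, 2), "5.3": (5, 3, 6, 6)},  # MAILPROG
}
# The Express client's vulnerable range for IC61036 starts at 5.3.3.0.
EXPRESS_IC61036_LOW = (5, 3, 3, 0)

# Platform labels are this script's own convention (assumption).
CAD_DEFAULT_PLATFORMS = {"mac", "express"}           # CAD scheduler is the default here
MAILPROG_PLATFORMS = {"aix", "hp-ux", "linux", "solaris", "os400-api"}  # IC54489 scope


def parse_version(text):
    """'5.5.2.1' -> (5, 5, 2, 1); anything that is not dotted integers is rejected."""
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"not a TSM client level: {text!r}")
    return tuple(int(part) for part in text.split("."))


def parse_options(text):
    """Parse a dsm.sys / dsm.opt style file into {OPTION: value}.

    One option per line, keyword first, keywords case-insensitive, lines
    beginning with '*' are comments; the last occurrence of a keyword wins.
    """
    options = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("*"):
            continue
        parts = line.split(None, 1)
        options[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return options


def uses_cad_scheduler(options, platform):
    """True on Mac/Express, or when MANAGEDSERVICES includes SCHEDULE (technote rule)."""
    if platform in CAD_DEFAULT_PLATFORMS:
        return True
    return "SCHEDULE" in options.get("MANAGEDSERVICES", "").upper().split()


def level_vulnerable(apar, version, platform=""):
    """True if `version` lies in the vulnerable range of `apar` for its release line."""
    if apar == "IC61036" and platform == "express" and version < EXPRESS_IC61036_LOW:
        return False
    fixed = FIRST_FIXED[apar].get(f"{version[0]}.{version[1]}")
    return fixed is not None and version < fixed


def assess(version_text, options_text, platform):
    """Return the sorted list of APARs that apply to one client installation."""
    version = parse_version(version_text)
    options = parse_options(options_text)
    platform = platform.lower()
    findings = []
    # Only one of the two schedulers is in use, so only one scheduler APAR can apply.
    if uses_cad_scheduler(options, platform):
        if level_vulnerable("IC61036", version, platform):
            findings.append("IC61036")
    elif level_vulnerable("IC61058", version):
        findings.append("IC61058")
    # IC54489 needs a UNIX/Linux or OS/400 API client *and* MAILPROG in the options file.
    if (platform in MAILPROG_PLATFORMS and "MAILPROG" in options
            and level_vulnerable("IC54489", version)):
        findings.append("IC54489")
    return sorted(findings)


# Constructed dsm.sys excerpt (assumption): the option keywords are real TSM
# options; the server name, address and mail command are made up.
SAMPLE_DSM_SYS = """\
* constructed example, not a real configuration
SErvername         tsmsrv1
   COMMMethod       TCPip
   TCPServeraddress tsm.example.internal
   MANAGEDServices  webclient schedule
   MAILprog         /usr/bin/mail root
"""

if __name__ == "__main__":
    for level, platform in [("5.5.2.1", "aix"), ("5.4.1.6", "linux"), ("6.1.0.2", "mac")]:
        print(level, platform, assess(level, SAMPLE_DSM_SYS, platform) or "not affected")
```

The scheduler decision mirrors the technote's rule exactly: a Windows client with no MANAGEDSERVICES line is checked against the traditional-scheduler table, while the same client with MANAGEDSERVICES SCHEDULE is checked against the CAD table. Removing the MAILPROG line from the sample (the workaround given later in this technote) makes the IC54489 finding disappear for the 5.4.1.6 Linux case.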
Install the client update packages that include the fixes for the vulnerabilities (see the tables above and below). Later levels within a release are cumulative and also include the fix.

- CAD scheduler client update packages:
TSM Windows and NetWare client users: the 6.1, 5.5, and 5.4 packages in the table below fix the CAD scheduler vulnerability, but contain a new issue with missed backups, described by APAR IC62714. Please read the flash for IC62714. If you are potentially affected, evaluate whether to use the workaround in that flash on top of the packages in the table below, or apply later packages that fix both IC62714 and the security vulnerability.

| Client Release | B/A Client Platforms | Client download to first level with fix |
|---|---|---|
| TSM 6.1 | All platforms | 6.1.0.2* |
| TSM 5.5 | AIX, Linux x86, Solaris SPARC, HP-UX, All Windows | 5.5.2.2* |
| TSM 5.5 (cont'd) | Mac | 5.5.2.3* |
| TSM 5.5 (cont'd) | Linux PPC, Linux zSeries, Linux Itanium, NetWare, Solaris x86/x86_64, z/OS USS | 5.5.2.4 |
| TSM 5.4 | All platforms | 5.4.3* |
| TSM 5.3 "special clients" supported in 5.4 | Windows 2000, Solaris 8, Linux x86 RHEL 3 | 5.3.6.7 |
| TSM 5.3 | AIX, Linux x86, Solaris SPARC, HP-UX PA-RISC, Windows x32, Windows x64 | 5.3.6.7 (all 5.3 clients with support extensions) |
| TSM Express | Windows x32, Windows x64 | Express 5.3.6.7 |
* Later packages are available for some platforms and can also be used. See this page for links to the latest fixpack and interim fix packages for each release: http://www.ibm.com/support/docview.wss?rs=663&uid=swg21239415

- Traditional scheduler client update packages:
| Client Release | B/A Client Platforms | Client download link to recent recommended level with fix |
|---|---|---|
| TSM 5.4 | All platforms | 5.4.3* |
| TSM 5.3 "special clients" supported in 5.4 | Windows 2000, Solaris 8, Linux x86 RHEL 3 | 5.3.6.7 |
| TSM 5.3 | AIX, Linux x86, Solaris SPARC, HP-UX PA-RISC, Windows x32, Windows x64 | 5.3.6.7 (all 5.3 clients with support extensions) |
| TSM Express | Windows x32, Windows x64 | Express 5.3.6.7 |
* Later packages are available for some platforms and can also be used. See this page for links to the latest fixpack and interim fix packages for each release: http://www.ibm.com/support/docview.wss?rs=663&uid=swg21239415

- MAILPROG client update packages:
Workaround: remove the MAILPROG option from your options file.

| Client Release | B/A Client Platforms | Client download link to recent recommended level with fix |
|---|---|---|
| TSM 5.5 | All UNIX and Linux platforms | 5.5.2.2 through 5.5.2.4* |
| TSM 5.5 (cont'd) | OS/400 API | 5.5.2 |
| TSM 5.4 | All UNIX and Linux platforms and the OS/400 API client | 5.4.3* |
| TSM 5.3 "special clients" supported in 5.4 | Solaris 8, Linux x86 RHEL 3 | 5.3.6.7 |
| TSM 5.3 | AIX, Linux x86, Solaris SPARC, HP-UX PA-RISC | 5.3.6.7 (all UNIX and Linux 5.3 clients with support extensions) |
* Later packages are available for some platforms and can also be used. See this page for links to the latest fixpack and interim fix packages for each release: http://www.ibm.com/support/docview.wss?rs=663&uid=swg21239415

ACKNOWLEDGEMENTS:

The CAD scheduler buffer overrun vulnerability (IC61036) was reported to IBM by Secunia. The other two vulnerabilities were found internally by IBM.
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.
Product categories: Software > Storage Management > Data Protection > IBM Tivoli Storage Manager > Client
Operating system(s): AIX, HP-UX, Linux, Macintosh, NetWare, Solaris, Windows
Software version: 5.3, 5.4, 5.5, 6.1
Reference #: 1405562
IBM Group: Software Group
Modified date: 2009-11-03