TSM HSM for Windows buffer overrun security vulnerability

Flash (Alert)

Abstract

A security vulnerability exists in the IBM Tivoli Storage Manager (TSM) HSM for Windows client. A fix is available.

Content

A buffer overrun vulnerability exists in the IBM Tivoli Storage Manager (TSM) HSM for Windows client. The buffer overrun can be exploited to crash the client and also potentially to inject malicious code. This problem is addressed by APAR IC59481.
REQUIRED CONDITIONS FOR THIS PROBLEM TO OCCUR
You are running one of the affected HSM for Windows client versions listed below.

POSSIBLE CONSEQUENCE OF THE PROBLEM
This problem can be exploited to crash the client and to inject malicious code.

AFFECTED PRODUCTS
Tivoli Storage Manager HSM for Windows version 5.3.2.0 to 5.3.5.0 inclusive, 5.4.0.0 to 5.4.2.5 inclusive and 5.5.0.0 to 5.5.1.4 inclusive.

All other Tivoli Storage Manager products are unaffected.

RECOMMENDATION
Apply the fix to this problem.

HOW TO OBTAIN A FIX FOR THIS PROBLEM
This problem is fixed in the interim fixes below.

5.5.1.8
5.4.2.6

Rate this page:

(0 users)Average rating

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Document information

Tivoli Storage Manager HSM for Windows

Software version:
5.4, 5.5

Operating system(s):
Windows 2003 server

Reference #:
1329223

Modified date:
2009-03-06

TSM HSM for Windows buffer overrun security vulnerability

Rate this page:

Copyright and trademark information

Rate this page:

Add comments

Document information

Translate my page

Content navigation

Footer links