From: Patrik Karlsson (patrikcqure.net)
Date: Thu Apr 11 2002 - 11:48:53 CDT


    iXsecurity Security Vulnerability Report
    No: iXsecurity.20020327.tivoli_tsm_dsmcad.a
    ===========================================

    Vulnerability Summary
    ---------------------
    Problem: The Tivoli Storage Manager webserver, running
             on port 1581 has a buffer overflow condition.

    Threat: An attacker could make the webserver crash and
            possibly execute arbitrary code.

    Affected Software: Tivoli Storage Manager version 4.2.x.x.

    Platform: Windows NT4/2000.

    Vulnerability Description
    -------------------------
    A request for the URL A.AAAAA....approximately_1292_more_A's to the
    webserver running on port 1581 (TSM Client Acceptor) will result in a
    crash, overwriting EIP. The buffer overwriting EIP is in a widestring
    format, making it a little more difficult, although not impossible,
    to exploit.

    Solution
    --------
    See APAR IC33211
    Apply Patch V4.2.1.32 currently available at
    http://www.tivoli.com/support/storage_mgr/clients.html
    For additional information or assistance please contact your
    IBM Service Representative at 1-800-IBM-SERV

    Additional Information
    ----------------------
    Tivoli was contacted 20020327.

    This vulnerability was found and researched by
    Patrik Karlsson & Jonas Ländin
    patrik.karlssonixsecurity.com
    jonas.landinixsecurity.com

    This document is also available at: http://www.cqure.net/advisories/
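
A log-triage check for the condition described above, added here as an example and not part of the original advisory: it flags overlong request targets sent to port 1581 and tests a client version against the patch level named under Solution. The log line format, the 1024-byte threshold, the function names and the sample data are assumptions.

```python
import re
from typing import List, NamedTuple, Optional

DSMCAD_PORT = 1581             # from the advisory: TSM Client Acceptor web port
MAX_TARGET_LEN = 1024          # assumed alert threshold, below the ~1292 bytes reported
FIXED_VERSION = (4, 2, 1, 32)  # patch level named in the advisory


class Finding(NamedTuple):
    src: str
    target_len: int
    longest_run: int  # longest run of one repeated character in the target


def inspect(line: str) -> Optional[Finding]:
    """Assumed log format: '<src_ip> <dst_port> <METHOD> <target> [HTTP/x.y]'."""
    parts = line.split()
    if len(parts) < 4 or not parts[1].isdigit():
        return None  # not a record this check understands
    src, port, _method, target = parts[:4]
    if int(port) != DSMCAD_PORT or len(target) <= MAX_TARGET_LEN:
        return None
    longest = max(len(m.group(0)) for m in re.finditer(r"(.)\1*", target))
    return Finding(src, len(target), longest)


def scan(lines: List[str]) -> List[Finding]:
    return [f for f in map(inspect, lines) if f is not None]


def needs_patch(version: str) -> bool:
    """True for 4.2.x.x builds below the patch level.
    Assumption: builds at or above 4.2.1.32 carry the fix."""
    v = tuple(int(p) for p in version.split("."))
    return v[:2] == (4, 2) and v < FIXED_VERSION


# Constructed sample records (documentation addresses, not real traffic).
SAMPLE = [
    "192.0.2.10 1581 GET /index.html HTTP/1.0",
    "192.0.2.44 1581 GET /" + "A" * 1300 + " HTTP/1.0",
    "192.0.2.44 80 GET /" + "B" * 2000 + " HTTP/1.0",  # other port, ignored
    "malformed line",
]

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"{f.src}: target {f.target_len} bytes, longest run {f.longest_run}")
    for ver in ("4.2.1.15", "4.2.1.32"):
        print(ver, "needs patch" if needs_patch(ver) else "ok")
```
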