iXsecurity.20020327.tivoli_tsm_dsmcad.a

From: Patrik Karlsson (patrikat_private)
Date: Thu Apr 11 2002 - 09:48:53 PDT

Next message: Christian Milow: "Re: MS02-018"

Previous message: quentynat_private: "SOAP::Lite hole"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

iXsecurity Security Vulnerability Report
No: iXsecurity.20020327.tivoli_tsm_dsmcad.a
===========================================

Vulnerability Summary
---------------------
Problem:                The Tivoli Storage Manager webserver, running
                        on port 1581 has a buffer overflow condition.

Threat:                 An attacker could make the webserver crash and
                        possibly execute arbitrary code.

Affected Software:      Tivoli Storage Manager version 4.2.x.x.

Platform:               Windows NT4/2000.


Vulnerability Description
-------------------------
A request for the URL A.AAAAA....approximately_1292_more_A's to the
webserver running on port 1581 (TSM Client Acceptor) will result in a
crash, overwriting EIP. The buffer overwriting EIP is in a widestring
format, making it a little more difficult, although not impossible,
to exploit.

Solution
--------
See APAR IC33211
Apply Patch V4.2.1.32 currently available at
http://www.tivoli.com/support/storage_mgr/clients.html
For additional information or assistance please contact your
IBM Service Representative at 1-800-IBM-SERV

Additional Information
----------------------
Tivoli was contacted 20020327.

This vulnerability was found and researched by
Patrik Karlsson & Jonas Ländin
patrik.karlssonat_private
jonas.landinat_private

This document is also available at: http://www.cqure.net/advisories/

Next message: Christian Milow: "Re: MS02-018"
Previous message: quentynat_private: "SOAP::Lite hole"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Apr 11 2002 - 12:44:03 PDT