This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ibm First view 2015-04-05
Product Tivoli Storage Manager Fastback Last view 2016-04-05
Version 6.1.1.0 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:ibm:tivoli_storage_manager_fastback

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2016-04-05 CVE-2015-8523

The server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to cause a denial of service (service crash) via crafted packets to a TCP port.

9.8 2016-04-05 CVE-2015-8522

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8521.

9.8 2016-04-05 CVE-2015-8521

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8520, and CVE-2015-8522.

9.8 2016-04-05 CVE-2015-8520

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8519, CVE-2015-8521, and CVE-2015-8522.

9.8 2016-04-05 CVE-2015-8519

Buffer overflow in the server in IBM Tivoli Storage Manager FastBack 5.5.x and 6.x before 6.1.12.2 allows remote attackers to execute arbitrary code via a crafted command, a different vulnerability than CVE-2015-8520, CVE-2015-8521, and CVE-2015-8522.

9.8 2016-02-29 CVE-2016-0216

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0213.

9.8 2016-02-29 CVE-2016-0213

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0212 and CVE-2016-0216.

9.8 2016-02-29 CVE-2016-0212

Stack-based buffer overflow in IBM Tivoli Storage Manager FastBack 5.5 and 6.1.x through 6.1.11.1 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2016-0213 and CVE-2016-0216.

10 2015-08-03 CVE-2015-4935

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4934.

10 2015-08-03 CVE-2015-4934

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4933, and CVE-2015-4935.

10 2015-08-03 CVE-2015-4933

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4932, CVE-2015-4934, and CVE-2015-4935.

10 2015-08-03 CVE-2015-4932

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4931, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935.

10 2015-08-03 CVE-2015-4931

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12.1 allows remote attackers to execute arbitrary code via a crafted packet, a different vulnerability than CVE-2015-4932, CVE-2015-4933, CVE-2015-4934, and CVE-2015-4935.

10 2015-06-30 CVE-2015-1986

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1938.

7.8 2015-06-30 CVE-2015-1965

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, and CVE-2015-1964.

7.8 2015-06-30 CVE-2015-1964

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, and CVE-2015-1965.

7.8 2015-06-30 CVE-2015-1963

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1964, and CVE-2015-1965.

7.8 2015-06-30 CVE-2015-1962

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

7.8 2015-06-30 CVE-2015-1954

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1953, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

7.8 2015-06-30 CVE-2015-1953

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1948, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

10 2015-06-30 CVE-2015-1949

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands with SYSTEM privileges via unspecified vectors.

7.8 2015-06-30 CVE-2015-1948

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1930, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

9.3 2015-06-30 CVE-2015-1942

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to write to arbitrary files, and subsequently execute these files, via a crafted TCP packet to an unspecified port.

7.8 2015-06-30 CVE-2015-1941

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to read arbitrary files via a crafted TCP packet to an unspecified port.

10 2015-06-30 CVE-2015-1938

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to execute arbitrary commands via unspecified vectors, a different vulnerability than CVE-2015-1986.

CWE : Common Weakness Enumeration

%idName
80% (28) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
8% (3) CWE-77 Improper Sanitization of Special Elements used in a Command ('Comma...
5% (2) CWE-284 Access Control (Authorization) Issues
2% (1) CWE-200 Information Exposure
2% (1) CWE-20 Improper Input Validation

Information Assurance Vulnerability Management (IAVM)

id Description
2015-B-0095 Multiple Security Vulnerabilities in IBM Tivoli Storage Manager FastBack
Severity: Category I - VMSKEY: V0061283

Snort® IPS/IDS

Date Description
2017-11-21 IBM Tivoli Storage Manager FastBack command injection attempt
RuleID : 44634 - Type : SERVER-OTHER - Revision : 2
2017-04-06 IBM Tivoli Storage Manager Fastback buffer overflow attempt
RuleID : 41802 - Type : SERVER-OTHER - Revision : 2
2017-04-06 IBM Tivoli Storage Manager Fastback buffer overflow attempt
RuleID : 41801 - Type : SERVER-OTHER - Revision : 2
2017-04-06 IBM Tivoli Storage Manager Fastback buffer overflow attempt
RuleID : 41800 - Type : SERVER-OTHER - Revision : 2
2017-04-06 IBM Tivoli Storage Manager Fastback buffer overflow attempt
RuleID : 41799 - Type : SERVER-OTHER - Revision : 2
2017-02-21 IBM Tivoli Storage Manager FastBack server denial of service attempt
RuleID : 41366 - Type : SERVER-OTHER - Revision : 1
2016-12-20 IBM Tivoli Storage Manager FastBack directory traversal attempt
RuleID : 40766 - Type : SERVER-OTHER - Revision : 2
2016-11-11 IBM Tivoli Storage Manager FastBack opcode 4115 remote code execution attempt
RuleID : 40422 - Type : SERVER-OTHER - Revision : 2
2016-11-08 IBM Tivoli Storage Manager FastBack opcode 1301 remote code execution attempt
RuleID : 40358 - Type : SERVER-OTHER - Revision : 2
2016-09-27 IBM Tivoli Storage Manager FastBack command injection attempt
RuleID : 39924 - Type : SERVER-OTHER - Revision : 2
2016-04-19 IBM Tivoli Storage Manager FastBack Server opcode 1329 buffer overflow attempt
RuleID : 38248 - Type : SERVER-OTHER - Revision : 1
2016-03-14 IBM Tivoli Storage Manager FastBack Server buffer overflow attempt
RuleID : 36823 - Type : SERVER-OTHER - Revision : 3
2016-03-14 IBM Tivoli Storage Manager FastBack Server opcode 1332 buffer overflow attempt
RuleID : 36463 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34943 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34942 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34941 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34940 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34939 - Type : SERVER-OTHER - Revision : 3
2015-07-22 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34938 - Type : SERVER-OTHER - Revision : 3
2015-06-30 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34603 - Type : SERVER-OTHER - Revision : 4
2015-06-09 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34353 - Type : SERVER-OTHER - Revision : 4
2015-06-09 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34352 - Type : SERVER-OTHER - Revision : 4
2015-06-09 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34351 - Type : SERVER-OTHER - Revision : 4
2015-06-09 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34350 - Type : SERVER-OTHER - Revision : 4
2015-06-09 IBM Tivoli Storage Manager FastBack buffer overflow attempt
RuleID : 34349 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

id Description
2016-12-27 Name: A virtual mount application running on the remote host is affected by a remot...
File: ibm_tsm_fastback_mount_GetVaultDump_stack_overflow.nasl - Type: ACT_DESTRUCTIVE_ATTACK
2016-06-07 Name: A remote backup service is affected by an information disclosure vulnerability.
File: ibm_tsm_fastback_server_opcode_1329_info_disclosure.nasl - Type: ACT_ATTACK
2016-03-09 Name: The remote backup service is affected by multiple vulnerabilities.
File: ibm_tsm_fastback_server_6_1_12_2.nasl - Type: ACT_GATHER_INFO
2016-03-04 Name: The remote backup service is affected by multiple vulnerabilities.
File: ibm_tsm_fastback_server_5_5.nasl - Type: ACT_GATHER_INFO
2016-02-18 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-2903-1.nasl - Type: ACT_GATHER_INFO
2015-08-06 Name: The remote backup service is affected by multiple vulnerabilities.
File: ibm_tsm_fastback_server_6_1_12_1.nasl - Type: ACT_GATHER_INFO
2015-07-07 Name: The remote backup service is affected by multiple vulnerabilities.
File: ibm_tsm_fastback_server_6_1_12.nasl - Type: ACT_GATHER_INFO
2015-05-08 Name: The remote backup service is affected by multiple vulnerabilities.
File: ibm_tsm_fastback_server_6_1_11_1.nasl - Type: ACT_GATHER_INFO