Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0247

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2008-0247
Last Modified 18 Oct 2011 12:00:00
Published 11 Jan 2008 09:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-0247

Summary

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value.

Vulnerable Systems

Application

  • Ibm Tivoli Storage Manager Express 5.3


References

BID - 27235

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21291536

SECUNIA - 28440

XF - ibm-tsmexpressserver-bo(39604)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-001.html

VUPEN - ADV-2008-0106

SECTRACK - 1019182

BUGTRAQ - 20080114 ZDI-08-001: IBM Tivoli Storage Manager Express Backup Server Heap Overflow Vulnerability


Last Updated: 27 May 2016 10:46:44