Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2762

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2762
Last Modified 08 Apr 2009 12:27:53
Published 31 Mar 2009 02:24:45
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2762

Summary

The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.

Vulnerable Systems

Application

  • Ibm Tivoli Storage Manager 4.2

  • Ibm Tivoli Storage Manager 4.2.1

  • Ibm Tivoli Storage Manager 4.2.2

  • Ibm Tivoli Storage Manager 4.2.3

  • Ibm Tivoli Storage Manager 4.2.4

  • Ibm Tivoli Storage Manager 5.1.0

  • Ibm Tivoli Storage Manager 5.1.1

  • Ibm Tivoli Storage Manager 5.1.5

  • Ibm Tivoli Storage Manager 5.1.6

  • Ibm Tivoli Storage Manager 5.1.7

  • Ibm Tivoli Storage Manager 5.1.8

  • Ibm Tivoli Storage Manager 5.1.9

  • Ibm Tivoli Storage Manager 5.2.0

  • Ibm Tivoli Storage Manager 5.2.1

  • Ibm Tivoli Storage Manager 5.2.2

  • Ibm Tivoli Storage Manager 5.3

  • Ibm Tivoli Storage Manager 6.0


References

XF - tsm-http-dos(49535)

VUPEN - ADV-2009-0881

BID - 34285

AIXAPAR - IC39395

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21375360

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg21246076

SECTRACK - 1021946

SECUNIA - 34498


Last Updated: 27 May 2016 10:39:37