CVE-2006-5855
published 2006-12-06CVE-2006-5855: Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash)…
PriorityP346critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
26.33%
97.7th percentile
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | tivoli_storage_manager | <= 5.2.9 | — |
| ibm | tivoli_storage_manager | — | — |
| ibm | tivoli_storage_manager | — | — |
| ibm | tivoli_storage_manager | — | — |
| ibm | tivoli_storage_manager | — | — |
| ibm | tivoli_storage_manager | — | — |
| ibm | tivoli_storage_manager | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-7r4r-3fxw-5p8q: Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5
ghsa_unreviewed·2022-05-01
CVE-2006-5855 [HIGH] GHSA-7r4r-3fxw-5p8q: Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
GHSA
GHSA-hjwm-vvgm-jhxw: Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2006-6309 [CRITICAL] GHSA-hjwm-vvgm-jhxw: Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5
Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://secunia.com/advisories/23177http://securityreason.com/securityalert/1979http://securitytracker.com/id?1017333http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347http://www-1.ibm.com/support/docview.wss?uid=swg21250261http://www.kb.cert.org/vuls/id/350625http://www.kb.cert.org/vuls/id/478753http://www.kb.cert.org/vuls/id/887249http://www.securityfocus.com/archive/1/453544/100/0/threadedhttp://www.securityfocus.com/bid/21440http://www.tippingpoint.com/security/advisories/TSRT-06-14.htmlhttp://www.vupen.com/english/advisories/2006/4856https://exchange.xforce.ibmcloud.com/vulnerabilities/30699https://exchange.xforce.ibmcloud.com/vulnerabilities/30701https://exchange.xforce.ibmcloud.com/vulnerabilities/30702http://secunia.com/advisories/23177http://securityreason.com/securityalert/1979http://securitytracker.com/id?1017333http://www-1.ibm.com/support/docview.wss?uid=swg1IC50347http://www-1.ibm.com/support/docview.wss?uid=swg21250261http://www.kb.cert.org/vuls/id/350625http://www.kb.cert.org/vuls/id/478753http://www.kb.cert.org/vuls/id/887249http://www.securityfocus.com/archive/1/453544/100/0/threadedhttp://www.securityfocus.com/bid/21440http://www.tippingpoint.com/security/advisories/TSRT-06-14.htmlhttp://www.vupen.com/english/advisories/2006/4856https://exchange.xforce.ibmcloud.com/vulnerabilities/30699https://exchange.xforce.ibmcloud.com/vulnerabilities/30701https://exchange.xforce.ibmcloud.com/vulnerabilities/30702
2006-12-06
Published