Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4604

CWE-787Out-of-bounds WriteCWE-119Buffer Overflow4 documents4 sources
Severity
7.2HIGH
EPSS
0.3%
top 46.27%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Tivoli Storage Manager
Timeline
PublishedDec 29
Latest updateMay 14

Description

Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

NVDibm/tivoli_storage_manager5.3.05.3.6.7+3

🔴Vulnerability Details

2
GHSA
GHSA-734m-2p7j-vmrx: Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in I2022-05-14
CVEList
CVE-2010-4604: Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in I2010-12-29

💥Exploits & PoCs

1
Exploit-DB
IBM Tivoli Storage Manager (TSM) - Local Privilege Escalation2010-12-15
CVE-2010-4604 (HIGH CVSS 7.2) | Stack-based buffer overflow in the | cvebase.io