Ibm Tivoli Storage Manager Fastback vulnerabilities

CVE-2010-3760 [HIGH] CVE-2010-3760: FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash, and recovery failure) by specifying a large size value within

CVE-2010-3755 [MEDIUM] CVE-2010-3755: The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager ( The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via data in a TCP packet. NOTE: this might overlap CVE-2010-3060.

CVE-2010-3756 [MEDIUM] CVE-2010-3756: The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Mana The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-

CVE-2010-3059 [HIGH] CWE-119 CVE-2010-3059: Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager ( Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to read and modify data, and possibly have other impact, via an unspecified command.

CVE-2010-3058 [HIGH] CWE-399 CVE-2010-3058: The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, esta The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, establishes an open UDP port, which might allow remote attackers to overwrite memory locations and execute arbitrary code, or cause a denial of service (application hang), via unspecified vectors.

CVE-2010-3060 [MEDIUM] CVE-2010-3060: Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (daemon outage) via unknown vectors.

CVE-2010-3061 [MEDIUM] CVE-2010-3061: Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, allows remote attackers to cause a denial of service (recovery failure), and possibly trigger loss of data, via unknown vectors.