Heap-based buffer overflow in the Data Protection for SQL CAD service (aka dsmcat.exe) in the Client Acceptor Daemon (CAD) and the scheduler in the Backup-Archive client 5.1.0.0 up to and including 5.1.8.1, 5.2.0.0 up to and including 5.2.5.2, 5.3.0.0 up to and including 5.3.6.1, 5.4.0.0 up to and including 5.4.2.2, and 5.5.0.0 up to and including 5.5.0.91 in IBM Tivoli Storage Manager (TSM); and the Backup-Archive client in TSM Express; allows remote malicious users to execute arbitrary code by sending a large amount of crafted data to a TCP port.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm tivoli storage manager client |
||
ibm tivoli storage manager express |