Showing 1 - 1 of 1

CVE-2008-0247

Status Candidate

Overview

Heap-based buffer overflow in the Express Backup Server service (dsmsvc.exe) in IBM Tivoli Storage Manager (TSM) Express 5.3 before 5.3.7.3 allows remote attackers to execute arbitrary code via a packet with a large length value.

Related Files

Zero Day Initiative Advisory 08-01: Posted Jan 14, 2008; Authored by Tipping Point, Sebastian Apelt, Tenable Network Security | Site zerodayinitiative.com; A vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager Express. Authentication is not required to exploit this vulnerability. The specific flaw resides in the TSM Express Backup Server service, dsmsvc.exe, which listens by default on TCP port 1500. The process trusts a user-supplied length value. By supplying a large number, an attacker can overflow a static heap buffer leading to arbitrary code execution in the context of the SYSTEM user. Tivoli Storage Manager Express version 5.3 is affected.; tags | advisory, overflow, arbitrary, tcp, code execution; advisories | CVE-2008-0247; SHA-256 | d3505a1cd6fd799ea1c25183890de56f606ba71453077a7b318259b08b71a0a0; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 273 files
Ubuntu 99 files
indoushka 44 files
Jasper Nota 25 files
Gentoo 19 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Debian 11 files
Apple 10 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,084)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,580)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,432)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,710)
UNIX (9,432)
UnixWare (187)
Windows (6,668)
Other

CVE-2008-0247

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems