Lucene search

MitreCVE-2002-0541

HistoryJul 03, 2002 - 4:00 a.m.

CVE-2002-0541

2002-07-0304:00:00

mitre

web.nvd.nist.gov

buffer overflow

tsm server

storage agents

tsm client

denial of service

remote attack

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.

Affected configurations

Nvd

Node

ibmtivoli_storage_managerMatch4.2

ibmtivoli_storage_managerMatch4.2.1

VendorProductVersionCPE
ibmtivoli_storage_manager4.2cpe:2.3:a:ibm:tivoli_storage_manager:4.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager4.2.1cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager	4.2	cpe:2.3:a:ibm:tivoli_storage_manager:4.2:::::::*
ibm	tivoli_storage_manager	4.2.1	cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:::::::*

References

archives.neohapsis.com/archives/bugtraq/2002-04/0126.html

online.securityfocus.com/archive/1/267143

www.iss.net/security_center/static/8817.php

www.iss.net/security_center/static/8825.php

www.securityfocus.com/bid/4492

www.securityfocus.com/bid/4500

www.tivoli.com/support/storage_mgr/flash_httpport.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.4

Confidence

High

EPSS

0.03

Percentile

90.9%

JSON

Related for CVE-2002-0541