Lucene search

MitreCVE-2004-2762

HistoryMar 31, 2009 - 6:24 p.m.

CVE-2004-2762

2009-03-3118:24:45

mitre

web.nvd.nist.gov

ibm

tivoli storage manager

tsm

mvs

http

denial of service

daemon crash

hang

cve-2004-2762

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

Low

EPSS

0.014

Percentile

86.7%

JSON

The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.

Affected configurations

Nvd

Node

ibmtivoli_storage_managerMatch4.2

ibmtivoli_storage_managerMatch4.2.1

ibmtivoli_storage_managerMatch4.2.2

ibmtivoli_storage_managerMatch4.2.3

ibmtivoli_storage_managerMatch4.2.4

AND

ibmmvs

Node

ibmtivoli_storage_managerMatch5.1.0

ibmtivoli_storage_managerMatch5.1.1

ibmtivoli_storage_managerMatch5.1.5

ibmtivoli_storage_managerMatch5.1.6

ibmtivoli_storage_managerMatch5.1.7

ibmtivoli_storage_managerMatch5.1.8

ibmtivoli_storage_managerMatch5.1.9

ibmtivoli_storage_managerMatch5.2.0

ibmtivoli_storage_managerMatch5.2.1

ibmtivoli_storage_managerMatch5.2.2

ibmtivoli_storage_managerMatch5.3

ibmtivoli_storage_managerMatch6.0

VendorProductVersionCPE
ibmtivoli_storage_manager4.2cpe:2.3:a:ibm:tivoli_storage_manager:4.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager4.2.1cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager4.2.2cpe:2.3:a:ibm:tivoli_storage_manager:4.2.2:*:*:*:*:*:*:*
ibmtivoli_storage_manager4.2.3cpe:2.3:a:ibm:tivoli_storage_manager:4.2.3:*:*:*:*:*:*:*
ibmtivoli_storage_manager4.2.4cpe:2.3:a:ibm:tivoli_storage_manager:4.2.4:*:*:*:*:*:*:*
ibmmvs*cpe:2.3:o:ibm:mvs:*:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.1.0cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.1.1cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.1.5cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:*
ibmtivoli_storage_manager5.1.6cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	tivoli_storage_manager	4.2	cpe:2.3:a:ibm:tivoli_storage_manager:4.2:::::::*
ibm	tivoli_storage_manager	4.2.1	cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:::::::*
ibm	tivoli_storage_manager	4.2.2	cpe:2.3:a:ibm:tivoli_storage_manager:4.2.2:::::::*
ibm	tivoli_storage_manager	4.2.3	cpe:2.3:a:ibm:tivoli_storage_manager:4.2.3:::::::*
ibm	tivoli_storage_manager	4.2.4	cpe:2.3:a:ibm:tivoli_storage_manager:4.2.4:::::::*
ibm	mvs	*	cpe:2.3:o:ibm:mvs::::::::
ibm	tivoli_storage_manager	5.1.0	cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:::::::*
ibm	tivoli_storage_manager	5.1.1	cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:::::::*
ibm	tivoli_storage_manager	5.1.5	cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:::::::*
ibm	tivoli_storage_manager	5.1.6	cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:::::::*

Rows per page:

1-10 of 181

References

secunia.com/advisories/34498

securitytracker.com/id?1021946

www-01.ibm.com/support/docview.wss?uid=swg21246076

www-01.ibm.com/support/docview.wss?uid=swg21375360

www-1.ibm.com/support/docview.wss?uid=swg1IC39395

www.securityfocus.com/bid/34285

www.vupen.com/english/advisories/2009/0881

exchange.xforce.ibmcloud.com/vulnerabilities/49535

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

AI Score

6.8

Confidence

Low

EPSS

0.014

Percentile

86.7%

JSON

Related for CVE-2004-2762