Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:54EB3366117B47DF5AEE0E32C28CF8C6
HistoryMay 11, 2009 - 12:00 a.m.

Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow

2009-05-1100:00:00
SAINT Corporation
www.saintcorporation.com
12

EPSS

0.95

Percentile

99.3%

JSON

Added: 05/11/2009
CVE: CVE-2008-4828
BID: 34803
OSVDB: 54232

Background

IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on ports 1581/TCP and 1582/TCP. The Client Acceptor Daemon, upon receiving a request over the network, starts the Remote Client Agent service (**dsmagent.exe**) which listens on port 1584/TCP.

Problem

A buffer overflow vulnerability in the Remote Client Agent service allows remote attackers to execute arbitrary commands by sending a dicuGetIdentify Request with a long, specially crafted NodeName parameter.

Resolution

Apply a security fix.

References

<http://secunia.com/secunia_research/2008-55/&gt;

Limitations

Exploit works on Tivoli Storage Manager Backup Client 5.3.6.2.

Platforms

Windows 2000
Windows Server 2003

Related

securityvulns 2
cve 1
metasploit 1
saint 3
prion 1
d2 1
checkpoint_advisories 1
nvd 1
cvelist 1
packetstorm 1
exploitdb 1
securityvulns
securityvulns
Secunia Research: IBM Tivoli Storage Manager Remote Agent Service Buffer Overflows
2009-05-04 00:00:00
IBM Tivoli Storage Manager Remote Agent buffer overflow
2009-05-04 00:00:00
cve
cve
CVE-2008-4828
2009-05-05 17:30:00
metasploit
metasploit
IBM Tivoli Storage Manager Express RCA Service Buffer Overflow
2009-12-20 22:40:14
saint
saint
Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow
2009-05-11 00:00:00
Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow
2009-05-11 00:00:00
Tivoli Storage Manager Client dsmagent.exe NodeName buffer overflow
2009-05-11 00:00:00
prion
prion
Stack overflow
2009-05-05 17:30:00
d2
d2
DSquare Exploit Pack: D2SEC_TSMCAD2
2009-05-05 17:30:00
checkpoint_advisories
checkpoint_advisories
IBM Tivoli Storage Manager Agent Client Generic String Handling Buffer Overflow (CVE-2008-4828)
2009-05-20 00:00:00
nvd
nvd
CVE-2008-4828
2009-05-05 17:30:00
cvelist
cvelist
CVE-2008-4828
2009-05-05 17:00:00
packetstorm
packetstorm
IBM Tivoli Storage Manager Express RCA Service Buffer Overflow
2009-12-31 00:00:00
exploitdb
exploitdb
IBM Tivoli Storage Manager Express RCA Service - Remote Buffer Overflow (Metasploit)
2010-05-09 00:00:00

EPSS

0.95

Percentile

99.3%

JSON
Related for SAINT:54EB3366117B47DF5AEE0E32C28CF8C6
securityvulns2cve1metasploit1saint3prion1d21checkpoint_advisories1nvd1cvelist1packetstorm1exploitdb1