Lucene search
Lola MontezZDI-15-263HistoryJun 30, 2015 - 12:00 a.m.
IBM Tivoli Storage Manager FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerability
2015-06-3000:00:00
Lola Montez
www.zerodayinitiative.com
16
EPSS
0.932
Percentile
99.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM Tivoli Storage Manager FastBack. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FXCLI_OraBR_Exec_Command function. By sending a crafted packet on TCP port 11460, an attacker is able to cause a stack buffer overflow. An attacker can use this to execute arbitrary code under the context of SYSTEM.
Related
checkpoint_advisories
checkpoint_advisories
ibm
ibm
prion
prion
cvelist
cvelist
nvd
nvd
cve
cve
openvas
openvas
IBM Tivoli Storage Manager FastBack Multiple Vulnerabilities (Jul 2015)
2015-07-03 00:00:00
nessus
nessus
IBM Tivoli Storage Manager FastBack 6.1.x < 6.1.12 Multiple Vulnerabilities
2015-07-07 00:00:00