Back to search
CVE-2006-5855
Published: Dec 6, 2006
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple buffer overflows in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in (1) the language field at logon that begins with a 0x18 byte, (2) two unspecified parameters to the SmExecuteWdsfSession function, and (3) the contact field in an open registration message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www-1.ibm.com/support/docview.wss?uid=swg21250261
x_refsource_CONFIRM
http://www.tippingpoint.com/security/advisories/TSRT-06-14.html
x_refsource_MISC
tivoli-registration-message-bo(30702)
vdb-entry
x_refsource_XF
IC50347
vendor-advisory
x_refsource_AIXAPAR
VU#350625
third-party-advisory
x_refsource_CERT-VN
1979
third-party-advisory
x_refsource_SREASON
ADV-2006-4856
vdb-entry
x_refsource_VUPEN
21440
vdb-entry
x_refsource_BID
VU#887249
third-party-advisory
x_refsource_CERT-VN
1017333
vdb-entry
x_refsource_SECTRACK
20061204 TSRT-06-14: IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
mailing-list
x_refsource_BUGTRAQ
tivoli-login-language-bo(30699)
vdb-entry
x_refsource_XF
23177
third-party-advisory
x_refsource_SECUNIA
tivoli-smexecutewdsfsession-bo(30701)
vdb-entry
x_refsource_XF
VU#478753
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now