IBM Tivoli Storage Manager Client CAD Service Buffer Overflow

Added: 11/20/2009
CVE: CVE-2009-3853
OSVDB: 59632

Background

IBM Tivoli Storage Manager (TSM) provides centralized management for automated backup and restoration operations. It runs a Client Acceptor Daemon (CAD) on port 1582/TCP.

Problem

The vulnerability is caused by an input validation error in the CAD service. This can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet containing a long client computer name via TCP.

Resolution

Upgrade to the latest version.

References

http://secunia.com/secunia_research/2008-51/

Limitations

Exploit works on IBM Tivoli Storage Manager Express Client 5.3.6.6.

The affected Tivoli Storage Manager Express Client must be successfully configured and connected to a Tivoli Storage Manager Server. Note that it may take one or two minutes for the client to connect to the server.

Platforms

Windows

Back to exploit index