CVE-2004-2762

Sažetak

The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.

Reference

http://secunia.com/advisories/34498
http://securitytracker.com/id?1021946
http://www.securityfocus.com/bid/34285
http://www.vupen.com/english/advisories/2009/0881
http://www-01.ibm.com/support/docview.wss?uid=swg21246076
http://www-01.ibm.com/support/docview.wss?uid=swg21375360
http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395
https://exchange.xforce.ibmcloud.com/vulnerabilities/49535

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

17-08-2017 - 01:29

Objavljeno

31-03-2009 - 18:24