CVE-2010-4604

Sažetak

Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe.

Reference

http://www.ibm.com/support/docview.wss?uid=swg21454745
http://securitytracker.com/id?1024901
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65491
http://www.vupen.com/english/advisories/2010/3251
http://secunia.com/advisories/42639
http://www.exploit-db.com/exploits/15745
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca.txt
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca-exploit.c
http://www.securityfocus.com/archive/1/515263/100/0/threaded

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

13-12-2022 - 21:27

Objavljeno

29-12-2010 - 18:00