Credit:
The information has been provided by iDefense Labs Security Advisories.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=775
Vulnerable Systems:
* Tivoli Storage Manager Express version 5.3.7.3 with adsmdll.dll version 5.3.7.7296
The vulnerability exists within adsmdll.dll, which is loaded by the Tivoli Storage Manager Express daemon dsmsvc.exe. The vulnerable function allocates a fixed-size heap buffer and uses part of this buffer to store session-related data. A user-supplied value is then used as the number of bytes to copy into this buffer. Because this length is never checked against the space remaining in the buffer, a heap-based buffer overflow can occur.
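The following C code is an added illustration of the bug class the advisory describes and is not the vendor's code: a single fixed-size heap buffer holds session data at its front and receives a client-supplied number of payload bytes after it. The buffer size, header size, struct and function names are all constructed for the example; the unchecked routine shows the flaw and the checked routine shows the missing bounds test.

```c
/* Hypothetical reconstruction of the advisory's bug class, not vendor code.
 * BUF_SIZE and SESSION_HDR are constructed values for illustration only. */
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define BUF_SIZE    256   /* fixed heap allocation made by the server */
#define SESSION_HDR  32   /* front part of the buffer reserved for session data */

struct session_buf {
    uint8_t *data;        /* heap block of exactly BUF_SIZE bytes */
    size_t   payload_len; /* client payload bytes stored after the header */
};

struct session_buf *session_alloc(void) {
    struct session_buf *s = calloc(1, sizeof *s);
    if (!s) return NULL;
    s->data = calloc(1, BUF_SIZE);
    if (!s->data) { free(s); return NULL; }
    return s;
}

void session_free(struct session_buf *s) {
    if (!s) return;
    free(s->data);
    free(s);
}

/* Vulnerable pattern: `len` is taken straight from the client's message and
 * is never compared with the space left after the session header. */
void store_payload_unchecked(struct session_buf *s, const uint8_t *src, size_t len) {
    memcpy(s->data + SESSION_HDR, src, len);   /* overruns the block when len > 224 */
    s->payload_len = len;
}

/* Hardened version: reject any length that does not fit in the remaining
 * space. Returns 0 on success, -1 when the message is rejected. */
int store_payload_checked(struct session_buf *s, const uint8_t *src, size_t len) {
    if (len > BUF_SIZE - SESSION_HDR)          /* only 224 bytes are available */
        return -1;
    memcpy(s->data + SESSION_HDR, src, len);
    s->payload_len = len;
    return 0;
}

/* Number of bytes the unchecked copy would write past the allocation
 * for a given client length (0 means the payload fits). */
size_t unchecked_overrun(size_t len) {
    size_t avail = BUF_SIZE - SESSION_HDR;
    return len > avail ? len - avail : 0;
}
```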
Analysis:
Exploitation allows an attacker to execute arbitrary code with SYSTEM privileges. No authentication is required to exploit this vulnerability.
Vendor response:
IBM Corp.'s Tivoli team has released patches and workarounds to address this vulnerability. For more information, consult their advisory at the following URL:
http://www-01.ibm.com/support/docview.wss?uid=swg21377388
CVE Information:
CVE-2008-4563
Disclosure timeline:
03/10/2008 - Coordinated public disclosure
03/10/2008 - Status update received
03/10/2008 - Status update requested
07/22/2008 - Initial Contact
07/31/2008 - Initial Response
07/31/2008 - PoC Requested
07/31/2008 - PoC Sent
09/02/2008 - Status update received - no estimated release date
09/12/2008 - Status update received - no estimated release date
09/23/2008 - Status update received - estimated release date February 2009