SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

Download | Alert*

CVE

CVE-2010-3758

Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to execute arbitrary code via vectors involving the (1) AGI_SendToLog (aka _SendToLog) function; the (2) group, (3) workgroup, or (4) domain name field to the USER_S_AddADGroup function; the (5) user_path variable to the FXCLI_checkIndexDBLocation function; or (6) the _AGI_S_ActivateLTScriptReply (aka ActivateLTScriptReply) function. NOTE: this might overlap CVE-2010-3059.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0

CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE

Reference:

http://www.securityfocus.com/archive/1/514072/100/0/threaded

http://www.securityfocus.com/archive/1/514078/100/0/threaded

http://www.securityfocus.com/archive/1/514067/100/0/threaded

http://www.securityfocus.com/archive/1/514059/100/0/threaded

IC69883

http://www.ibm.com/support/docview.wss?uid=swg21443820

http://zerodayinitiative.com/advisories/ZDI-10-180/

http://zerodayinitiative.com/advisories/ZDI-10-181/

http://zerodayinitiative.com/advisories/ZDI-10-183/

http://zerodayinitiative.com/advisories/ZDI-10-184/


30479



423868



248038



909



194772



282