The host is installed with IBM Tivoli Storage Manager 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10 or 6.1.x before 6.1.3.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to prevent specifying a long LANG environment variable, and then sending a request over a pipe. Successful exploitation allows local users to gain privileges.