Stack-based buffer overflow vulnerability in the GeneratePassword function in dsmtca in the backup-archive client in IBM Tivoli Storage Manager (rpm)ID: oval:org.secpod.oval:def:8148 | Date: (C)2012-12-06 (M)2022-12-21 |
Class: VULNERABILITY | Family: unix |
The host is installed with IBM Tivoli Storage Manager 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10 or 6.1.x before 6.1.3.1 and is prone to stack-based buffer overflow vulnerability. A flaw is present in the application, which fails to prevent specifying a long LANG environment variable, and then sending a request over a pipe. Successful exploitation allows local users to gain privileges.
Product: |
IBM Tivoli Storage Manager |