CVE-2010-4604

Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communications Agent or TCA) in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x before 5.3.6.10, 5.4.x before 5.4.3.4, 5.5.x before 5.5.2.10, and 6.1.x before 6.1.3.1 on Unix and Linux allows local users to gain privileges by specifying a long LANG environment variable, and then sending a request over a pipe.
References
Link Resource
http://secunia.com/advisories/42639 Broken Link Vendor Advisory
http://securitytracker.com/id?1024901 Broken Link Third Party Advisory VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65491 Broken Link
http://www.exploit-db.com/exploits/15745 Exploit Third Party Advisory VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg21454745 Broken Link Vendor Advisory
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca-exploit.c Broken Link Exploit
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca.txt Broken Link
http://www.securityfocus.com/archive/1/515263/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2010/3251 Broken Link Vendor Advisory
http://secunia.com/advisories/42639 Broken Link Vendor Advisory
http://securitytracker.com/id?1024901 Broken Link Third Party Advisory VDB Entry
http://www-01.ibm.com/support/docview.wss?uid=swg1IC65491 Broken Link
http://www.exploit-db.com/exploits/15745 Exploit Third Party Advisory VDB Entry
http://www.ibm.com/support/docview.wss?uid=swg21454745 Broken Link Vendor Advisory
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca-exploit.c Broken Link Exploit
http://www.kryptoslogic.com/advisories/2010/kryptoslogic-ibm-tivoli-dsmtca.txt Broken Link
http://www.securityfocus.com/archive/1/515263/100/0/threaded Broken Link Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2010/3251 Broken Link Vendor Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:tivoli_storage_manager:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2010-12-29 18:00

Updated : 2025-04-11 00:51


NVD link : CVE-2010-4604

Mitre link : CVE-2010-4604

CVE.ORG link : CVE-2010-4604


JSON object : View

Products Affected

linux

  • linux_kernel

ibm

  • tivoli_storage_manager
CWE
CWE-787

Out-of-bounds Write