Trend Micro Security

IBM Tivoli Storage Manager Express Backup Heap Corruption

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2008-4563

  概要

Heap-based buffer overflow in adsmdll.dll 5.3.7.7296, as used by the daemon (dsmsvc.exe) in the backup server in IBM Tivoli Storage Manager (TSM) Express 5.3.7.3 and earlier and TSM 5.2, 5.3 before 5.3.6.0, and 5.4.0.0 through 5.4.4.0, allows remote attackers to execute arbitrary code via a crafted length value.

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1003393
  Trend Micro Deep Security DPI Rule Name: 1003393 - IBM Tivoli Storage Manager Express Backup Heap Corruption

  影響を受けるソフトウェア

  • ibm tivoli_storage_manager 5.2
  • ibm tivoli_storage_manager 5.3
  • ibm tivoli_storage_manager 5.3.0
  • ibm tivoli_storage_manager 5.3.1
  • ibm tivoli_storage_manager 5.3.2
  • ibm tivoli_storage_manager 5.3.2.4
  • ibm tivoli_storage_manager 5.3.3
  • ibm tivoli_storage_manager 5.3.4
  • ibm tivoli_storage_manager 5.3.5.1
  • ibm tivoli_storage_manager 5.4.0
  • ibm tivoli_storage_manager 5.4.1
  • ibm tivoli_storage_manager 5.4.2
  • ibm tivoli_storage_manager 5.4.2.2
  • ibm tivoli_storage_manager 5.4.2.3
  • ibm tivoli_storage_manager 5.4.2.4
  • ibm tivoli_storage_manager 5.4.4.0
  • ibm tivoli_storage_manager_express 5.3
  • ibm tivoli_storage_manager_express 5.3.3.0
  • ibm tivoli_storage_manager_express 5.3.6.4
  • ibm tivoli_storage_manager_express 5.3.7.3