The Tivoli Storage Manager (IBM Spectrum Protect) AIX client is vulnerable to a buffer overflow when Journal-Based Backup is enabled allowing a local attacker to execute arbitrary code on the system or cause a system crash.
CVE(s): CVE-2016-5985
Affected product(s) and affected version(s):
The following levels of IBM Tivoli Storage Manager (IBM Spectrum Protect) Client are affected on the AIX platform:
- 7.1.0.0 through 7.1.6.2
- 6.4.0.0 through 6.4.3.3
- 6.3.0.0 through 6.3.2.5
- 6.2, 6.1, and 5.5 all levels (these releases are EOS)
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2gkJaNn
X-Force Database: http://ift.tt/2heFs55
from IBM Product Security Incident Response Team http://ift.tt/2gkAMNZ
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.