CVE-2010-3754

The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields to determine the content and length of data copied to memory, which allows remote attackers to execute arbitrary code via a crafted packet. NOTE: this might overlap CVE-2010-3059.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883	Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg21443820	Vendor Advisory
http://www.securityfocus.com/archive/1/514058/100/0/threaded
http://zerodayinitiative.com/advisories/ZDI-10-182/

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.1:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.3.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.4.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.5.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.6.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.0:::::::*
	cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1:::::::*

History

No history.

Information

Published : 2010-10-05 22:00

Updated : 2023-12-10 11:03

NVD link : CVE-2010-3754

Mitre link : CVE-2010-3754

CVE.ORG link : CVE-2010-3754

JSON object : View

Products Affected

ibm

tivoli_storage_manager_fastback

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2010-3754", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-10-05T22:00:06.503", "references": [{"url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.ibm.com/support/docview.wss?uid=swg21443820", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/514058/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://zerodayinitiative.com/advisories/ZDI-10-182/", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields to determine the content and length of data copied to memory, which allows remote attackers to execute arbitrary code via a crafted packet. NOTE: this might overlap CVE-2010-3059."}, {"lang": "es", "value": "La funci\u00f3n FXCLI_OraBR_Exec_Command en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 usa valores de los campos del paquete para determinar el contenido y la longitud de los datos copiados a memoria, lo que permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un paquete debidamente modificado. NOTA: esto puede superponerse a CVE-2010-3059."}], "lastModified": "2018-10-10T20:05:16.603", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A482E38-2B78-4064-8682-F7A571D1734C"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "840361B9-B3F8-448B-BC7E-065BA4871E46"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8734E08A-716E-4E29-A440-5FB437F7EF46"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FF1E98E-B3F5-4348-8D45-B9A8CC916F47"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DA49D704-CCC4-48C0-91F9-E6A3A4181FE0"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.4.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D3202AE-CCAB-4120-8F60-B8809C8B192F"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43030674-F9E7-483E-8F47-4B5075A480D7"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7B6611E2-9E6A-407A-8649-874E12F12791"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C7756DB-DD6D-4A63-9214-131431F809A0"}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "75B7DD63-0696-4D98-BE7F-05D7E953752E"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}