Description
Buffer overflow in the Client Acceptor Daemon (CAD), dsmcad.exe, in certain IBM Tivoli Storage Manager (TSM) clients 5.1 before 5.1.8.1, 5.2 before 5.2.5.2, 5.3 before 5.3.5.3, and 5.4 before 5.4.1.2 allows remote attackers to execute arbitrary code via crafted HTTP headers, aka IC52905.
Exploits
45732007-10-27remoteWindows
IBM Tivoli Storage Manager 5.3 - Express CAD Service Buffer Overflow
By muts
167642010-05-09remoteWindows
IBM Tivoli Storage Manager Express CAD Service - Remote Buffer Overflow (Metasploit) (2)
By Metasploit
References
cve@mitre.org
http://osvdb.org/38161cve@mitre.org
http://secunia.com/advisories/26883cve@mitre.org
http://securityreason.com/securityalert/3184cve@mitre.org
http://www.securityfocus.com/archive/1/480492cve@mitre.org
http://www.securityfocus.com/bid/25743cve@mitre.org
http://www.securitytracker.com/id?1018725cve@mitre.org
http://www.vupen.com/english/advisories/2007/3228af854a3a-2127-422b-91ae-364da2661108
http://osvdb.org/38161af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/26883af854a3a-2127-422b-91ae-364da2661108
http://securityreason.com/securityalert/3184af854a3a-2127-422b-91ae-364da2661108
http://www-1.ibm.com/support/docview.wss?uid=swg21268775af854a3a-2127-422b-91ae-364da2661108
http://www-1.ibm.com/support/search.wss?rs=0&q=IC52905&apar=onlyaf854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/480492af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/25743af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1018725af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2007/3228af854a3a-2127-422b-91ae-364da2661108
http://www.zerodayinitiative.com/advisories/ZDI-07-054.htmlaf854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/36700