TSM Topics Feed

Thursday, September 20, 2007

Vulnerabilities Found In TSM Client!!!

(APARs IC52905 and IC53616)

Wow I'm glad I added the news section to the blog I saw this article about a possible exploit with the TSM CAD on client systems. I'd try to explain it but it's best to check the article. It can leave systems open for execution of arbitrary code. Check it out here and here. This exploit goes back as far as the 5.1 client so be aware of the issue even with older clients.

Affected Products:

IBM Tivoli Storage Manager Client version 5.1
IBM Tivoli Storage Manager Client version 5.2
IBM Tivoli Storage Manager Client version 5.3
IBM Tivoli Storage Manager Client version 5.4

Solution:

Apply client update package 5.4.1.2 (UK27738 and UK27739) :
http://www.ibm.com/support/docview.wss?uid=swg24016585

Apply client update package 5.3.5.3 (UK29248 and UK29249) :
http://www.ibm.com/support/docview.wss?uid=swg24016838

Apply client update packages 5.2.5.2 and 5.1.8.1 :
http://www.ibm.com/support/docview.wss?uid=swg24016985
http://www.ibm.com/support/docview.wss?uid=swg24016586

Original Advisory:
http://www-1.ibm.com/support/docview.wss?uid=swg21268775

No comments:

Post a Comment