Thursday, September 20, 2007

Vulnerabilities Found In TSM Client!!!

(APARs IC52905 and IC53616)

Wow I'm glad I added the news section to the blog I saw this article about a possible exploit with the TSM CAD on client systems. I'd try to explain it but it's best to check the article. It can leave systems open for execution of arbitrary code. Check it out here and here. This exploit goes back as far as the 5.1 client so be aware of the issue even with older clients.

Affected Products:

IBM Tivoli Storage Manager Client version 5.1
IBM Tivoli Storage Manager Client version 5.2
IBM Tivoli Storage Manager Client version 5.3
IBM Tivoli Storage Manager Client version 5.4

Solution:

Apply client update package 5.4.1.2 (UK27738 and UK27739) :
http://www.ibm.com/support/docview.wss?uid=swg24016585

Apply client update package 5.3.5.3 (UK29248 and UK29249) :
http://www.ibm.com/support/docview.wss?uid=swg24016838

Apply client update packages 5.2.5.2 and 5.1.8.1 :
http://www.ibm.com/support/docview.wss?uid=swg24016985
http://www.ibm.com/support/docview.wss?uid=swg24016586

Original Advisory:
http://www-1.ibm.com/support/docview.wss?uid=swg21268775

Wednesday, September 12, 2007

Labels Explained

On the lower left column of the website you'll see the Labels header. These labels will help you speed up your searching for content on TSMExpert by narrowing the results and showing all posts that have that label assigned. Need to look for Shared Library articles click the label and you'll see all related posts. I hope it helps and if you don't see a label for what you are looking for Google search TSMExpert for it.

TSMExpert Changes

I have made a number of updates to the sites, mostly cosmetic, but I have also removed some of the contributors who have not submitted lately (last 3 months). If you have an item(s) you would like to contribute I will gladly add you to the contributors list. Send me an e-mail letting me know what item you would like to cover or experience you would like to share or get feedback.

Thursday, September 06, 2007

Free Tivoli Web Based Training

If you are not aware of it, there is some good FREE web based training from Tivoli here. Also if you cannot afford, or take the time, for the regular class training they do have some decent low cost web based training for TSM and CDP (Continuous Data Protection) listed on the site also. Now it's not as thorough as the classroom training but if you have never used TSM it's a good start.