CVE-2015-1930

IBM Tivoli Storage Manager Fastback - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors, a different vulnerability than CVE-2015-1924, CVE-2015-1925, CVE-2015-1929, CVE-2015-1948, CVE-2015-1953, CVE-2015-1954, CVE-2015-1962, CVE-2015-1963, CVE-2015-1964, and CVE-2015-1965.

Exploits (1)

metasploit WORKING POC

by Gianni Gnesa · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/misc/ibm_tsm_dos.rb

View Code ZIP pw:eip

References (4)

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21959398

[Third Party Advisory] http://www.zerodayinitiative.com/advisories/ZDI-15-265

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/75452

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1032773

Scores

EPSS 0.7004

EPSS Percentile 98.7%

Details

CWE

CWE-119

Status published

Products (11)

ibm/tivoli_storage_manager_fastback 6.1.0.0

ibm/tivoli_storage_manager_fastback 6.1.1.0

ibm/tivoli_storage_manager_fastback 6.1.7.2

ibm/tivoli_storage_manager_fastback 6.1.8.0

ibm/tivoli_storage_manager_fastback 6.1.8.1

ibm/tivoli_storage_manager_fastback 6.1.9.0

ibm/tivoli_storage_manager_fastback 6.1.9.1

ibm/tivoli_storage_manager_fastback 6.1.10.0

ibm/tivoli_storage_manager_fastback 6.1.10.1

ibm/tivoli_storage_manager_fastback 6.1.11.0

... and 1 more

Published Jun 30, 2015

Tracked Since Feb 18, 2026