Fred, Are you talking about this one?
Widely Deployed Software (2) HIGH: IBM Tivoli Storage Manager Multiple Vulnerabilities Affected: IBM Tivoli Storage Manager and Storage Manager Express Clients versions 5.1 through 5.4 Description: IBM Tivoli Storage Manager is IBM's enterprise storage management solution. The client component of this application contains multiple vulnerabilities. A flaw in the Client Acceptor Daemon (CAD) can lead to a buffer overflow. Successfully exploiting this buffer overflow could lead to an attacker executing arbitrary code with the privileges of the vulnerable process. Additionally, an undisclosed flaw in the scheduling component can lead to data disclosure and possibly other vulnerabilities. Some technical details for the buffer overflow vulnerabilities are publicly available. Status: IBM confirmed, updates available. References: IBM Security Advisory http://www-1.ibm.com/support/docview.wss?uid=swg21268775 Zero Dat Initiative Advisory http://zerodayinitiative.com/advisories/ZDI-07-054.html SecurityFocus BID http://www.securityfocus.com/bid/25743 Thank You, Dan Lane [EMAIL PROTECTED] - Email "This email message and any attachments are confidential and may be privileged. If you are not the intended recipient, please notify the American Board of Family Medicine immediately -- by replying to this message or by sending an email to [EMAIL PROTECTED] If you are not the intended recipient, you must immediately destroy all copies of this message and any attachments without reading or disclosing their contents. Thank you. For more information regarding the American Board of Family Medicine, please visit us at https://www.theabfm.org/."; -----Original Message----- From: ADSM: Dist Stor Manager [mailto:[EMAIL PROTECTED] On Behalf Of Fred Johanson Sent: Tuesday, September 25, 2007 1:40 PM To: [email protected] Subject: [ADSM-L] Security alert Anybody seen any more details on the TSM security alert issued yesterday? Fred Johanson TSM Administrator University of Chicago 773-702-8464
