IBM warns of flaw in Tivoli Storage Manager Express
- 16 January, 2008 08:42
IBM has issued a warning about a security flaw in Tivoli Storage Manager Express backup and recovery system that could enable unauthorized access to data stored on the system.
IBM issued the alert last week, and recommended that users immediately download and install a patch to fix an uncovered heap overflow security hole in Express Server. If left unprotected the flaw could enable an attacker to execute arbitrary code on at risk systems to compromise TSM Express, said IBM.
A security patch for the heap overflow is included in the Storage Manager Express 126.96.36.199 fix pack software update, IBM said.
According to IBM's security alert, an attacker could deliver specially built packets to a Express server by directly opening the server TCP socket, instead of the TSM client, to enact a buffer overflow. The buffer overflow could allow a remote party to inject arbitrary code directly into TSM Express server that would be executed along with SYSTEM user privileges.
The TSM Express flaw was recently discovered by a security research team at security tool maker TippingPoint, a division of 3Com.
The advisory marks the second time in four months that IBM has scrambled to plug Tivoli Storage Manager security holes. In September, the company notified customers to patch two vulnerabilities in the Tivoli Storage Manager backup client that could allow data to be exposed if left unprotected.