-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

             ESB-2009.0487 -- [Win][UNIX/Linux][Solaris][AIX]
           IBM Tivoli Storage Manager: Multiple Vulnerabilities
                                20 May 2009

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              IBM Tivoli Storage Manager
Publisher:            IBM
Operating System:     AIX
                      Solaris
                      UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact:               Increased Privileges
                      Provide Misleading Information
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2009-1522 CVE-2009-1521 CVE-2009-1520

Original Bulletin:    
  http://www-01.ibm.com/support/docview.wss?uid=swg21321838

- --------------------------BEGIN INCLUDED TEXT--------------------

IC59779: TSM CLIENT JAVA GUI UNAUTHORIZED ACCESS SECURITY VULNERABILITY

APAR status
Closed as program error.

Error description

TSM client Java GUI unauthorized access security vulnerability.
This affects only the Java GUI; the command line and other GUIs
are not affected.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED: All 5.2.x, 5.3.x, 5.4.x, and 5.5.x clients   *
*                 running on platforms where the Java GUI is   *
*                 supported (the web client GUI, native GUI,   *
*                 and command line interfaces are unaffected)  *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following levels:                     *
*                                                              *
*                 - 5.2.5.4: AIX 32-bit, HP PA-RISC, Solaris   *
*                                                              *
*                 - 5.3.6.6: AIX 32-bit, HP PA-RISC, Linux     *
*                   x86, Solaris SPARC, and the TSM Express    *
*                   clients for Windows x32 and x64            *
*                   (the Express clients are included in the   *
*                   TSM Express 5.3.6.6 client package)        *
*                                                              *
*                 - 5.4.2.7: Unix, Linux, and Mac              *
*                                                              *
*                 - 5.5.2.0: Unix, Linux, and Mac              *
*                                                              *
****************************************************************

Problem conclusion

The problem has been fixed so it no longer occurs.

Temporary fix

Comments

jad, 30 April 2009, updated with 5.4.2.7 level

APAR information
APAR number	IC59779
Reported component name	TSM CLIENT
Reported component ID	5698ISMCL
Reported release	54A
Status	CLOSED PER
PE	NoPE
HIPER	NoHIPER
Special Attention	NoSpecatt
Submitted date	2009-01-29
Closed date	2009-02-24
Last modified date	2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
DSMAGENT DSMJ

Publications Referenced

Fix information
Fixed component name 	TSM CLIENT
Fixed component ID 	5698ISMCL

Applicable component levels
R52A PSY	   UP
R52H PSY	   UP
R52S PSY	   UP
R53A PSY	   UP
R53H PSY	   UP
R53L PSY	   UP
R53O PSY	   UP
R53S PSY	   UP
R53W PSY	   UP
R53X PSY	   UP
R54A PSY	   UP
R54E PSY	   UP
R54H PSY	   UP
R54I PSY	   UP
R54L PSY	   UP
R54M PSY	   UP
R54P PSY	   UP
R54S PSY	   UP
R54X PSY	   UP
R55A PSY	   UP
R55E PSY	   UP
R55H PSY	   UP
R55I PSY	   UP
R55L PSY	   UP
R55M PSY	   UP
R55P PSY	   UP
R55S PSY	   UP
R55T PSY	   UP
R55Z PSY	   UP

Copyright and trademark information
IBM, the IBM logo and ibm.com are trademarks of International Business 
Machines Corp., registered in many jurisdictions worldwide. Other product 
and service names might be trademarks of IBM or other companies. A current 
list of IBM trademarks is available on the Web at "Copyright and trademark 
information" at www.ibm.com/legal/copytrade.shtml.

- ------------------------------------------------------------------------------------------------------------------

IC59781: TSM AIX AND WINDOWS SSL CLIENT MAN-IN-THE-MIDDLE SECURITY VULNERABILITY

APAR status
Closed as program error.

Error description

TSM 5.5 AIX or Windows SSL client man-in-the-middle security
vulnerability.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED: Backup-archive client versions 5.5.0.x and   *
*                 5.5.1.x on AIX and Windows                   *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following level:                      *
*                                                              *
*                 - 5.5.2.0: AIX and Windows                   *
*                                                              *
*                 Note that until the fixing level is          *
*                 actually made available, this information is *
*                                                              *
*                 subject to change at the discretion of IBM.  *
****************************************************************

Problem conclusion

The problem has been fixed so it no longer occurs.

Temporary fix

Comments

APAR information
APAR number	IC59781
Reported component name	TSM CLIENT
Reported component ID	5698ISMCL
Reported release	55A
Status	CLOSED PER
PE	NoPE
HIPER	NoHIPER
Special Attention	NoSpecatt
Submitted date	2009-01-29
Closed date	2009-02-24
Last modified date	2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
DSMADMC DSMC

Publications Referenced

Fix information
Fixed component name 	TSM CLIENT
Fixed component ID 	5698ISMCL

Applicable component levels
R55A PSY	   UP
R55D PSY	   UP
R55F PSY	   UP
R55W PSY	   UP

- -------------------------------------------------------------------------------------------------------------------

IC59994: TSM WEB CLIENT BUFFER OVERRUN SECURITY VULNERABILITY

APAR status
Closed as program error.

Error description

Buffer overrun vulnerability in the TSM client Web GUI

Local fix

Problem summary

****************************************************************
* USERS AFFECTED: All 5.1.x, 5.2.x, 5.3.x, 5.4.x, and 5.5.x    *
*                 clients that support the Web GUI             *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following levels:                     *
*                                                              *
*                 - 5.1.8.3: Tru64                             *
*                                                              *
*                 - 5.2.5.4: AIX 32-bit, HP PA-RISC, Solaris,  *
*                   Windows x32                                *
*                                                              *
*                 - 5.3.6.6: AIX 32-bit, HP PA-RISC, Linux     *
*                   x86, Solaris, Windows x32, Windows x64,    *
*                   and TSM Express 5.3.6.6 client package     *
*                                                              *
*                 - 5.4.2.7: All platforms                     *
*                                                              *
*                 - 5.5.2.0: All platforms                     *
****************************************************************

Problem conclusion

The problem has been fixed so it no longer occurs.

Temporary fix

Comments

jad, 30 April 2009, updated with 5.4.2.7 level

APAR information
APAR number	IC59994
Reported component name	TSM CLIENT
Reported component ID	5698ISMCL
Reported release	55W
Status	CLOSED PER
PE	NoPE
HIPER	NoHIPER
Special Attention	NoSpecatt
Submitted date	2009-02-12
Closed date	2009-02-24
Last modified date	2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PK85190

Modules/Macros
DSMAGENT

Publications Referenced

Fix information
Fixed component name 	TSM CLIENT
Fixed component ID 	5698ISMCL

Applicable component levels
R51T PSY	   UP
R52A PSY	   UP
R52H PSY	   UP
R52S PSY	   UP
R52W PSY	   UP
R53A PSY	   UP
R53H PSY	   UP
R53L PSY	   UP
R53O PSY	   UP
R53S PSY	   UP
R53W PSY	   UP
R54A PSY	   UP
R54D PSY	   UP
R54E PSY	   UP
R54F PSY	   UP
R54H PSY	   UP
R54I PSY	   UP
R54L PSY	   UP
R54M PSY	   UP
R54N PSY	   UP
R54P PSY	   UP
R54S PSY	   UP
R54W PSY	   UP
R54X PSY	   UP
R55A PSY	   UP
R55D PSY	   UP
R55E PSY	   UP
R55F PSY	   UP
R55H PSY	   UP
R55I PSY	   UP
R55L PSY	   UP
R55M PSY	   UP
R55N PSY	   UP
R55P PSY	   UP
R55S PSY	   UP
R55T PSY	   UP
R55W PSY	   UP
R55Z PSY	   UP

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFKE4boNVH5XJJInbgRAqDvAJ9HE//jAdb6nkkr+b1ma09mzLrEMgCeMSdX
sH7oN2n78+DS5P8dG+bbt5I=
=KCAU
-----END PGP SIGNATURE-----