-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2009.0487
  [Win][UNIX/Linux][Solaris][AIX] IBM Tivoli Storage Manager: Multiple Vulnerabilities
                                 20 May 2009

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              IBM Tivoli Storage Manager
Publisher:            IBM
Operating System:     AIX
                      Solaris
                      UNIX variants (UNIX, Linux, OSX)
                      Windows
Impact:               Increased Privileges
                      Provide Misleading Information
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2009-1522 CVE-2009-1521 CVE-2009-1520

Original Bulletin:
  http://www-01.ibm.com/support/docview.wss?uid=swg21321838

- --------------------------BEGIN INCLUDED TEXT--------------------

IC59779: TSM CLIENT JAVA GUI UNAUTHORIZED ACCESS SECURITY VULNERABILITY

APAR status
  Closed as program error.

Error description
  TSM client Java GUI unauthorized access security vulnerability.
  Only affects the Java GUI. Command line and other GUIs are not affected.

Local fix

Problem summary
****************************************************************
* USERS AFFECTED: All 5.2.x, 5.3.x, 5.4.x, and 5.5.x clients   *
*                 running on platforms where the Java GUI is   *
*                 supported (the web client GUI, native GUI,   *
*                 and command line interfaces are unaffected)  *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following levels:                     *
*                                                              *
*                 - 5.2.5.4: AIX 32-bit, HP PA-RISC, Solaris   *
*                                                              *
*                 - 5.3.6.6: AIX 32-bit, HP PA-RISC, Linux     *
*                   x86, Solaris SPARC, and the TSM Express    *
*                   clients for Windows x32 and x64            *
*                   (the Express clients are included in the   *
*                   TSM Express 5.3.6.6 client package)        *
*                                                              *
*                 - 5.4.2.7: Unix, Linux, and Mac              *
*                                                              *
*                 - 5.5.2.0: Unix, Linux, and Mac              *
****************************************************************

Problem conclusion
  The problem has been fixed so it no longer occurs.

Temporary fix

Comments
  jad, 30 April 2009, updated with 5.4.2.7 level APAR information

APAR information
  APAR number                 IC59779
  Reported component name     TSM CLIENT
  Reported component ID       5698ISMCL
  Reported release            54A
  Status                      CLOSED PER
  PE                          NoPE
  HIPER                       NoHIPER
  Special Attention           NoSpecatt
  Submitted date              2009-01-29
  Closed date                 2009-02-24
  Last modified date          2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
  DSMAGENT DSMJ

Publications Referenced

Fix information
  Fixed component name        TSM CLIENT
  Fixed component ID          5698ISMCL

Applicable component levels
  R52A PSY UP
  R52H PSY UP
  R52S PSY UP
  R53A PSY UP
  R53H PSY UP
  R53L PSY UP
  R53O PSY UP
  R53S PSY UP
  R53W PSY UP
  R53X PSY UP
  R54A PSY UP
  R54E PSY UP
  R54H PSY UP
  R54I PSY UP
  R54L PSY UP
  R54M PSY UP
  R54P PSY UP
  R54S PSY UP
  R54X PSY UP
  R55A PSY UP
  R55E PSY UP
  R55H PSY UP
  R55I PSY UP
  R55L PSY UP
  R55M PSY UP
  R55P PSY UP
  R55S PSY UP
  R55T PSY UP
  R55Z PSY UP

Copyright and trademark information
  IBM, the IBM logo and ibm.com are trademarks of International Business
  Machines Corp., registered in many jurisdictions worldwide. Other product
  and service names might be trademarks of IBM or other companies. A current
  list of IBM trademarks is available on the Web at "Copyright and trademark
  information" at www.ibm.com/legal/copytrade.shtml.
- ------------------------------------------------------------------------------------------------------------------

IC59781: TSM AIX AND WINDOWS SSL CLIENT MAN-IN-THE-MIDDLE SECURITY VULNERABILITY

APAR status
  Closed as program error.

Error description
  TSM 5.5 AIX or Windows SSL client man-in-the-middle security vulnerability

Local fix

Problem summary
****************************************************************
* USERS AFFECTED: Backup-archive client versions 5.5.0.x and   *
*                 5.5.1.x on AIX and Windows                   *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following level:                      *
*                                                              *
*                 - 5.5.2.0: AIX and Windows                   *
*                                                              *
*                 Note that until the fixing level is          *
*                 actually made available, this information is *
*                 subject to change at the discretion of IBM.  *
****************************************************************

Problem conclusion
  The problem has been fixed so it no longer occurs.

Temporary fix

Comments

APAR information
  APAR number                 IC59781
  Reported component name     TSM CLIENT
  Reported component ID       5698ISMCL
  Reported release            55A
  Status                      CLOSED PER
  PE                          NoPE
  HIPER                       NoHIPER
  Special Attention           NoSpecatt
  Submitted date              2009-01-29
  Closed date                 2009-02-24
  Last modified date          2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
  DSMADMC DSMC

Publications Referenced

Fix information
  Fixed component name        TSM CLIENT
  Fixed component ID          5698ISMCL

Applicable component levels
  R55A PSY UP
  R55D PSY UP
  R55F PSY UP
  R55W PSY UP

- -------------------------------------------------------------------------------------------------------------------

IC59994: TSM WEB CLIENT BUFFER OVERRUN SECURITY VULNERABILITY

APAR status
  Closed as program error.

Error description
  Buffer overrun vulnerability in the TSM client Web GUI

Local fix

Problem summary
****************************************************************
* USERS AFFECTED: All 5.1.x, 5.2.x, 5.3.x, 5.4.x, and 5.5.x    *
*                 clients that support the Web GUI             *
****************************************************************
* PROBLEM DESCRIPTION: See Error Description                   *
****************************************************************
* RECOMMENDATION: Apply fixing level when available. This      *
*                 problem is currently projected to be fixed   *
*                 in the following levels:                     *
*                                                              *
*                 - 5.1.8.3: Tru64                             *
*                                                              *
*                 - 5.2.5.4: AIX 32-bit, HP PA-RISC, Solaris,  *
*                   Windows x32                                *
*                                                              *
*                 - 5.3.6.6: AIX 32-bit, HP PA-RISC, Linux     *
*                   x86, Solaris, Windows x32, Windows x64,    *
*                   and TSM Express 5.3.6.6 client package     *
*                                                              *
*                 - 5.4.2.7: All platforms                     *
*                                                              *
*                 - 5.5.2.0: All platforms                     *
****************************************************************

Problem conclusion
  The problem has been fixed so it no longer occurs.
Temporary fix

Comments
  jad, 30 April 2009, updated with 5.4.2.7 level APAR information

APAR information
  APAR number                 IC59994
  Reported component name     TSM CLIENT
  Reported component ID       5698ISMCL
  Reported release            55W
  Status                      CLOSED PER
  PE                          NoPE
  HIPER                       NoHIPER
  Special Attention           NoSpecatt
  Submitted date              2009-02-12
  Closed date                 2009-02-24
  Last modified date          2009-05-01

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
  PK85190

Modules/Macros
  DSMAGENT

Publications Referenced

Fix information
  Fixed component name        TSM CLIENT
  Fixed component ID          5698ISMCL

Applicable component levels
  R51T PSY UP
  R52A PSY UP
  R52H PSY UP
  R52S PSY UP
  R52W PSY UP
  R53A PSY UP
  R53H PSY UP
  R53L PSY UP
  R53O PSY UP
  R53S PSY UP
  R53W PSY UP
  R54A PSY UP
  R54D PSY UP
  R54E PSY UP
  R54F PSY UP
  R54H PSY UP
  R54I PSY UP
  R54L PSY UP
  R54M PSY UP
  R54N PSY UP
  R54P PSY UP
  R54S PSY UP
  R54W PSY UP
  R54X PSY UP
  R55A PSY UP
  R55D PSY UP
  R55E PSY UP
  R55F PSY UP
  R55H PSY UP
  R55I PSY UP
  R55L PSY UP
  R55M PSY UP
  R55N PSY UP
  R55P PSY UP
  R55S PSY UP
  R55T PSY UP
  R55W PSY UP
  R55Z PSY UP

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
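The three APARs above each give a projected fixing level per release train, and the practical question for an administrator is which clients in an estate still sit below those levels. The script below is an added example for this bulletin, not IBM or AusCERT code: the APAR ids and fixing levels are copied from the bulletin text, while the inventory, host names and function names are constructed for illustration. It keys the check on the release train (major.minor) only; the bulletin qualifies some levels by platform, so treat the result as a first-pass triage rather than a definitive verdict.

```python
"""Compare installed TSM backup-archive client levels against the fixing
levels projected in APARs IC59779, IC59781 and IC59994 (ESB-2009.0487).

Added example for this bulletin; it is not IBM or AusCERT code. The fixing
levels and APAR ids are taken from the bulletin text. The inventory, host
names and function names are constructed for illustration.
"""

# Projected fixing level per release train (major.minor), per APAR, as
# listed in the bulletin. A train with no entry is not listed as affected.
# Simplification: the bulletin qualifies several levels by platform
# (e.g. 5.4.2.7 for IC59779 is listed for Unix, Linux and Mac only); this
# example keys on the train alone and is a first-pass triage only.
FIXING_LEVELS = {
    "IC59779": {  # Java GUI unauthorized access, 5.2.x-5.5.x clients
        "5.2": (5, 2, 5, 4),
        "5.3": (5, 3, 6, 6),
        "5.4": (5, 4, 2, 7),
        "5.5": (5, 5, 2, 0),
    },
    "IC59781": {  # SSL client man-in-the-middle, 5.5.0.x/5.5.1.x only
        "5.5": (5, 5, 2, 0),
    },
    "IC59994": {  # Web client buffer overrun, 5.1.x-5.5.x clients
        "5.1": (5, 1, 8, 3),
        "5.2": (5, 2, 5, 4),
        "5.3": (5, 3, 6, 6),
        "5.4": (5, 4, 2, 7),
        "5.5": (5, 5, 2, 0),
    },
}

# Platform restriction stated in the bulletin for IC59781 (AIX and Windows
# backup-archive clients); the other two APARs are not restricted here.
PLATFORM_SCOPE = {"IC59781": {"aix", "windows"}}


def parse_level(level):
    """Turn a TSM level string such as '5.5.1.2' into a comparable tuple.

    TSM levels have four numeric components; anything else is rejected so a
    malformed inventory row cannot silently compare as 'fixed'.
    """
    parts = tuple(int(p) for p in level.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"expected four numeric components, got {level!r}")
    return parts


def check_client(level, platform):
    """Return {apar: 'fixed' | 'vulnerable' | 'not-affected'} for one client.

    'not-affected' covers trains and platforms the bulletin does not list
    for that APAR; trains outside 5.1-5.5 are not assessed at all.
    """
    installed = parse_level(level)
    train = f"{installed[0]}.{installed[1]}"
    verdict = {}
    for apar, trains in FIXING_LEVELS.items():
        scope = PLATFORM_SCOPE.get(apar)
        if scope is not None and platform.lower() not in scope:
            verdict[apar] = "not-affected"
            continue
        fix = trains.get(train)
        if fix is None:
            verdict[apar] = "not-affected"
            continue
        # Tuple comparison is component-wise, so 5.5.1.2 < 5.5.2.0 as intended.
        verdict[apar] = "fixed" if installed >= fix else "vulnerable"
    return verdict


# Constructed sample inventory: (hostname, installed level, platform).
SAMPLE_INVENTORY = [
    ("bkp-aix-01", "5.5.1.2", "AIX"),
    ("bkp-win-02", "5.5.2.0", "Windows"),
    ("bkp-lnx-03", "5.4.2.5", "Linux"),
    ("bkp-sol-04", "5.3.6.6", "Solaris"),
    ("bkp-tru-05", "5.1.8.2", "Tru64"),
]


def hosts_needing_update(inventory=SAMPLE_INVENTORY):
    """Map hostname -> APARs for which the host is still below the fixing level."""
    pending = {}
    for host, level, platform in inventory:
        below = [apar for apar, state in check_client(level, platform).items()
                 if state == "vulnerable"]
        if below:
            pending[host] = below
    return pending


if __name__ == "__main__":
    for host, apars in hosts_needing_update().items():
        print(f"{host}: below fixing level for {', '.join(apars)}")
```

Two caveats follow from the bulletin itself: a client reported as "vulnerable" for IC59779 or IC59994 is only exposed if the Java GUI or Web GUI is actually deployed on it, and a host on a train the bulletin does not list (anything outside 5.1 to 5.5) is reported as "not-affected" simply because the bulletin gives no fixing level for it, not because it has been assessed.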
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iD8DBQFKE4boNVH5XJJInbgRAqDvAJ9HE//jAdb6nkkr+b1ma09mzLrEMgCeMSdX
sH7oN2n78+DS5P8dG+bbt5I=
=KCAU
-----END PGP SIGNATURE-----