Difference between revisions of "EGI CSIRT:Alerts/tsm-2010-12-16"
Revision as of 15:13, 16 December 2010
This Advisory is a DRAFT
** WHITE information - Unlimited distribution allowed **
** see https://wiki.egi.eu/wiki/EGI_CSIRT:TLP for distribution restrictions **

EGI CSIRT ADVISORY [EGI-ADV-2010-12-16]

Title: HIGH root vulnerabilities in Tivoli Storage Manager (TSM) client software [EGI-ADV-20101216] TLP:WHITE
Date: 2010-12-16
URL: https://wiki.egi.eu/wiki/EGI_CSIRT:Alerts/tsm-2010-12-16

Introduction
============
Multiple vulnerabilities have been found in IBM Tivoli Storage Manager (TSM) client software.
This is a HIGH risk for the EGI infrastructure as a whole, but is CRITICAL for sites running the vulnerable software.
A patch is available from the vendor (see link below).

Details
=======
One of the vulnerabilities would allow unauthorized users with network access to execute commands.
The commands could, for example, allow the attacker to read, copy, alter, or delete files on the client machine.
The other vulnerabilities would allow a local user to read, copy, alter, or delete files, or to replace system files on the client with arbitrary content.

Risk Category
=============
This issue has been assessed as HIGH by the EGI CSIRT for the EGI infrastructure as a whole
but is CRITICAL for sites running the vulnerable software.

Affected Software
=================
IBM Tivoli Storage Manager (TSM). RedHat packages are named TIVsm-*.
For each release, the vendor has provided the version numbers for vulnerable and fixed patch levels.

Release   Vulnerable versions         Fixed version
TSM 6.2   6.2.0.0 through 6.2.1.1     6.2.2
TSM 6.1   6.1.0.0 through 6.1.3.4     6.1.4
TSM 5.5   5.5.0.0 through 5.5.2.12    5.5.3
TSM 5.4   5.4.0.0 through 5.4.3.3     5.4.3.4

Mitigation
==========
Sites may wish to delete / move affected commands until a patch is applied:

rm /opt/tivoli/tsm/client/ba/bin/dsmtca

Component Installation information
==================================
Fixes and instructions are available from IBM, linked from the Alert at
http://www-01.ibm.com/support/docview.wss?uid=swg21454745&myns=swgtiv&mynp=OCSSGSG7&mync=E

Recommendations
===============
Sites running IBM Tivoli Storage Manager should check if they are running a vulnerable version.
These sites should immediately apply the vendor patches.

Credit
======
This vulnerability was reported by IBM and Kryptos Logic.

References
==========
IBM Alert: http://www-01.ibm.com/support/docview.wss?uid=swg21454745&myns=swgtiv&mynp=OCSSGSG7&mync=E

Timeline
========
2010-12-16
2010-12-14 IBM alert published
2010-12-15 EGI CSIRT / RAT /SVG notified
2010-12-16 EGI advisory published

On behalf of the EGI CSIRT and SVG
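To help sites carry out the version check the Recommendations section asks for, the following added script (not part of the advisory or of IBM's tooling) compares installed TIVsm-* package versions against the vulnerable ranges in the table above. It assumes the packages report a four-part version in `rpm -qa` output of the form `TIVsm-BA-6.2.1.0-1.x86_64`; the sample lines are constructed, not taken from a real host.

```python
import re

# Vulnerable ranges (inclusive) and fixed levels, copied from the advisory table.
TSM_RANGES = [
    ("TSM 6.2", (6, 2, 0, 0), (6, 2, 1, 1), "6.2.2"),
    ("TSM 6.1", (6, 1, 0, 0), (6, 1, 3, 4), "6.1.4"),
    ("TSM 5.5", (5, 5, 0, 0), (5, 5, 2, 12), "5.5.3"),
    ("TSM 5.4", (5, 4, 0, 0), (5, 4, 3, 3), "5.4.3.4"),
]


def parse_version(text):
    """'6.2.1' -> (6, 2, 1, 0): split on dots, pad missing trailing fields with 0."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def assess(version):
    """Return (release, fixed_version) if version lies in a vulnerable range, else None."""
    v = parse_version(version)
    for release, low, high, fixed in TSM_RANGES:
        if low <= v <= high:
            return release, fixed
    return None


# Assumed package naming: TIVsm-<component>-<version>-<release>.<arch>
RPM_RE = re.compile(r"^(TIVsm-[A-Za-z]+)-(\d+(?:\.\d+)+)-")


def check_rpm_list(lines):
    """Parse `rpm -qa 'TIVsm-*'` style lines; return (package, version, fixed) for vulnerable ones."""
    findings = []
    for line in lines:
        m = RPM_RE.match(line.strip())
        if not m:
            continue  # not a TIVsm package line
        pkg, ver = m.groups()
        hit = assess(ver)
        if hit:
            findings.append((pkg, ver, hit[1]))
    return findings


# Constructed sample output for demonstration; not from a real host.
SAMPLE_RPM_QA = [
    "TIVsm-API-6.2.1.0-1.x86_64",
    "TIVsm-BA-6.2.1.0-1.x86_64",
    "TIVsm-BA-5.5.3.0-1.i386",
    "TIVsm-HSM-5.4.3.4-1.x86_64",
]

if __name__ == "__main__":
    for pkg, ver, fixed in check_rpm_list(SAMPLE_RPM_QA):
        print(f"{pkg} {ver}: vulnerable, upgrade to {fixed}")
```

On a real host, feed the output of `rpm -qa 'TIVsm-*'` into `check_rpm_list` instead of the sample list.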