CVE-2006-6309

Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.

Published: Dec 6, 2006
Updated: Apr 13, 2023
CVE: CVE-2006-6309
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / tivoli_storage_manager	5.3.1	5.3.1.x
ibm / tivoli_storage_manager	5.3.3	5.3.3.x
ibm / tivoli_storage_manager	5.3.0	5.3.0.x
ibm / tivoli_storage_manager	-	5.2.9.x
ibm / tivoli_storage_manager	5.3.2	5.3.2.x

http://securityreason.com/securityalert/1979
http://www-1.ibm.com/support/docview.wss?uid=swg21250261
http://www.securityfocus.com/archive/1/453544/100/0/threaded
http://www.tippingpoint.com/security/advisories/TSRT-06-14.html

Vulnerability Database

CVE-2006-6309