Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2004-2762

The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.

Published

2009-03-31T18:24:45.797

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 4.3 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-Other

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	tivoli_storage_manager	4.2	Yes
Application	ibm	tivoli_storage_manager	4.2.1	Yes
Application	ibm	tivoli_storage_manager	4.2.2	Yes
Application	ibm	tivoli_storage_manager	4.2.3	Yes
Application	ibm	tivoli_storage_manager	4.2.4	Yes
Operating System	ibm	mvs	*	No
Application	ibm	tivoli_storage_manager	5.1.0	Yes
Application	ibm	tivoli_storage_manager	5.1.1	Yes
Application	ibm	tivoli_storage_manager	5.1.5	Yes
Application	ibm	tivoli_storage_manager	5.1.6	Yes
Application	ibm	tivoli_storage_manager	5.1.7	Yes
Application	ibm	tivoli_storage_manager	5.1.8	Yes
Application	ibm	tivoli_storage_manager	5.1.9	Yes
Application	ibm	tivoli_storage_manager	5.2.0	Yes
Application	ibm	tivoli_storage_manager	5.2.1	Yes
Application	ibm	tivoli_storage_manager	5.2.2	Yes
Application	ibm	tivoli_storage_manager	5.3	Yes
Application	ibm	tivoli_storage_manager	6.0	Yes

References

http://secunia.com/advisories/34498 Vendor Advisory ([email protected])
http://securitytracker.com/id?1021946 ([email protected])
http://www-01.ibm.com/support/docview.wss?uid=swg21246076 ([email protected])
http://www-01.ibm.com/support/docview.wss?uid=swg21375360 ([email protected])
http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395 Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/34285 ([email protected])
http://www.vupen.com/english/advisories/2009/0881 Vendor Advisory ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/49535 ([email protected])
http://secunia.com/advisories/34498 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://securitytracker.com/id?1021946 (af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21246076 (af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21375360 (af854a3a-2127-422b-91ae-364da2661108)
http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/34285 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/0881 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49535 (af854a3a-2127-422b-91ae-364da2661108)