[VIM] ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities
security curmudgeon
jericho at attrition.org
Thu Oct 7 17:15:18 CDT 2010
: ZDI-10-182: IBM TSM FastBack Server FXCLI_OraBR_Exec_Command Remote Code Execution Vulnerabilities
: http://www.zerodayinitiative.com/advisories/ZDI-10-182
: September 29, 2010
:
: The specific flaw exists within FastBackServer.exe which listens by
: default on TCP port 11460. The vulnerable function uses values directly
: from a received packet as the size and data to several memcpy calls. By
: providing crafted values this issue can lead to remote code execution
: under the context of the fastback server.
Can you confirm 11460 here? The rest of the advisories say 11406 for the
port.
More information about the VIM
mailing list