CVE-2003-1570 Information

Description

The server in IBM Tivoli Storage Manager (TSM) 5.1.x 5.2.x before 5.2.1.2 and 6.x before 6.1 does not require credentials to observe the server console in some circumstances which allows remote authenticated administrators to monitor server operations by establishing a console mode session related to \session exposure.\

Reference

http://secunia.com/advisories/34498 http://securitytracker.com/id?1021947 http://www.securityfocus.com/bid/34285 http://www.vupen.com/english/advisories/2009/0881 http://www-01.ibm.com/support/docview.wss?uid=swg21375360 http://www-1.ibm.com/support/docview.wss?uid=swg1IC37554 https://exchange.xforce.ibmcloud.com/vulnerabilities/49536