CVE-2009-3853 Information

Description

Stack-based buffer overflow in the client acceptor daemon (CAD) scheduler in the client in IBM Tivoli Storage Manager (TSM) 5.3 before 5.3.6.7 5.4 before 5.4.3 5.5 before 5.5.2.2 and 6.1 before 6.1.0.2 and TSM Express 5.3.3.0 through 5.3.6.6 allows remote attackers to execute arbitrary code via crafted data in a TCP packet.

Reference

http://secunia.com/advisories/32534 http://secunia.com/secunia_research/2008-51/ http://securitytracker.com/id?1023136 http://www.securityfocus.com/archive/1/507654/100/0/threaded http://www.vupen.com/english/advisories/2009/3132 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61036 http://www-01.ibm.com/support/docview.wss?uid=swg21405562