Vulnerabilites related to ibm - mvs
CVE-2004-2762 (GCVE-0-2004-2762)
Vulnerability from cvelistv5
Published
2009-03-31 18:00
Modified
2024-08-08 01:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.
References
| ► | URL | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:36:25.342Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-0881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/0881"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
},
{
"name": "34285",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/34285"
},
{
"name": "IC39395",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"name": "34498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34498"
},
{
"name": "1021946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1021946"
},
{
"name": "tsm-http-dos(49535)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49535"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-04-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-0881",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/0881"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
},
{
"name": "34285",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/34285"
},
{
"name": "IC39395",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"name": "34498",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34498"
},
{
"name": "1021946",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1021946"
},
{
"name": "tsm-http-dos(49535)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49535"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2762",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-0881",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/0881"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
},
{
"name": "34285",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/34285"
},
{
"name": "IC39395",
"refsource": "AIXAPAR",
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395"
},
{
"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076",
"refsource": "CONFIRM",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"name": "34498",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34498"
},
{
"name": "1021946",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1021946"
},
{
"name": "tsm-http-dos(49535)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49535"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2762",
"datePublished": "2009-03-31T18:00:00",
"dateReserved": "2009-03-31T00:00:00",
"dateUpdated": "2024-08-08T01:36:25.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2009-03-31 18:24
Modified
2025-04-09 00:30
Severity ?
Summary
The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | tivoli_storage_manager | 4.2 | |
| ibm | tivoli_storage_manager | 4.2.1 | |
| ibm | tivoli_storage_manager | 4.2.2 | |
| ibm | tivoli_storage_manager | 4.2.3 | |
| ibm | tivoli_storage_manager | 4.2.4 | |
| ibm | mvs | * | |
| ibm | tivoli_storage_manager | 5.1.0 | |
| ibm | tivoli_storage_manager | 5.1.1 | |
| ibm | tivoli_storage_manager | 5.1.5 | |
| ibm | tivoli_storage_manager | 5.1.6 | |
| ibm | tivoli_storage_manager | 5.1.7 | |
| ibm | tivoli_storage_manager | 5.1.8 | |
| ibm | tivoli_storage_manager | 5.1.9 | |
| ibm | tivoli_storage_manager | 5.2.0 | |
| ibm | tivoli_storage_manager | 5.2.1 | |
| ibm | tivoli_storage_manager | 5.2.2 | |
| ibm | tivoli_storage_manager | 5.3 | |
| ibm | tivoli_storage_manager | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74E4A983-9053-405D-BA3D-BAE8B47A1EB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AB1B6BE3-9554-41DF-A994-82CEAF88BA90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6454A8C4-407C-455F-8922-D7D703C52245",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "40C35632-F7D5-494A-BE62-2DB121ED6234",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:4.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "62532061-2092-481A-B699-4EA1500F80D9",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:mvs:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C0EE559C-A63D-49F1-BA38-912E2018EF3C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CC7FD0D2-E106-4152-AF87-0E8BEE44DDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "41A50035-DA7C-4F8F-B36A-3C5194098F4F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA6521E9-3106-49F6-84DF-66FFE47BDAC8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "C0A6731C-74A9-4FA9-8F2B-66D5F623151B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2E1464DB-B192-4459-9C6D-34E8213CDC5E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.8:*:*:*:*:*:*:*",
"matchCriteriaId": "0EDD381D-FEA0-476C-9389-D777D2E344E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.1.9:*:*:*:*:*:*:*",
"matchCriteriaId": "79B76B2B-D92E-4000-8779-87C01BE55E4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "256AFD08-1918-46D6-9A7A-AE50ACDE9347",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AAA451EA-3F6E-4063-99E2-0D1D6950CC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "AF4E3EAE-A032-4A42-91C9-5D1E1CC048B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "801CCEC1-8DED-41C4-B6D2-38E4BEC74EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "AC4EA95B-C812-4A27-8FB2-46F644463BF6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The server in IBM Tivoli Storage Manager (TSM) 4.2.x on MVS, 5.1.9.x before 5.1.9.1, 5.1.x before 5.1.10, 5.2.2.x before 5.2.2.3, 5.2.x before 5.2.3, 5.3.x before 5.3.0, and 6.x before 6.1, when the HTTP communication method is enabled, allows remote attackers to cause a denial of service (daemon crash or hang) via unspecified HTTP traffic, as demonstrated by the IBM port scanner 1.3.1."
},
{
"lang": "es",
"value": "El servidor en IBM Tivoli Storage Manager (TSM) 4.2.x en MVS, 5.1.9.x versiones anteriores a v5.1.9.1, 5.1.x versiones anteriores a v5.1.10, 5.2.2.x versiones anteriores a v5.2.2.3, 5.2.x versiones anteriores a v5.2.3, 5.3.x versiones anteriores a v5.3.0, y 6.x versiones anteriores a v6.1, cuando el m\u00e9todo de comunicaci\u00f3n HTTP est\u00e1 activo, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio o cuelgue) a trav\u00e9s de tr\u00e1fico HTTP sin especificar, como lo demostrador por el esc\u00e1ner de puertos de IBM v1.3.1."
}
],
"id": "CVE-2004-2762",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-03-31T18:24:45.797",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34498"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1021946"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/34285"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0881"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49535"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/34498"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1021946"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21246076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21375360"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IC39395"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/34285"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/0881"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49535"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}