{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2010-09-28T00:00:00", "descriptions": [{"lang": "en", "value": "The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-10T18:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20100929 ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/514070/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21443820"}, {"name": "IC69883", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"}, {"tags": ["x_refsource_MISC"], "url": "http://zerodayinitiative.com/advisories/ZDI-10-186/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-3756", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20100929 ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/514070/100/0/threaded"}, {"name": "http://www.ibm.com/support/docview.wss?uid=swg21443820", "refsource": "CONFIRM", "url": "http://www.ibm.com/support/docview.wss?uid=swg21443820"}, {"name": "IC69883", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"}, {"name": "http://zerodayinitiative.com/advisories/ZDI-10-186/", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-10-186/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T03:18:52.998Z"}, "title": "CVE Program Container", "references": [{"name": "20100929 ZDI-10-186: IBM TSM FastBack _CalcHashValueWithLength Remote Denial of Service Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/514070/100/0/threaded"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.ibm.com/support/docview.wss?uid=swg21443820"}, {"name": "IC69883", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://zerodayinitiative.com/advisories/ZDI-10-186/"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-3756", "datePublished": "2010-10-05T21:00:00", "dateReserved": "2010-10-05T00:00:00", "dateUpdated": "2024-08-07T03:18:52.998Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "7A482E38-2B78-4064-8682-F7A571D1734C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "840361B9-B3F8-448B-BC7E-065BA4871E46", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "8734E08A-716E-4E29-A440-5FB437F7EF46", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9FF1E98E-B3F5-4348-8D45-B9A8CC916F47", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "DA49D704-CCC4-48C0-91F9-E6A3A4181FE0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "5D3202AE-CCAB-4120-8F60-B8809C8B192F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "43030674-F9E7-483E-8F47-4B5075A480D7", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:5.5.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "7B6611E2-9E6A-407A-8649-874E12F12791", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6C7756DB-DD6D-4A63-9214-131431F809A0", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:tivoli_storage_manager_fastback:6.1.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "75B7DD63-0696-4D98-BE7F-05D7E953752E", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an unspecified length value, which allows remote attackers to cause a denial of service (daemon crash) by sending data over TCP. NOTE: this might overlap CVE-2010-3060."}, {"lang": "es", "value": "La funci\u00f3n _CalcHashValueWithLength en FastBackServer.exe en el servidor de IBM Tivoli Storage Manager (TSM) Fastback v5.5.0.0 a v5.5.6.0 y v6.1.0.0 a v6.1.0.1 no valida correctamente la longitud de un valor no especificado, lo que permite a atacantes remotos provocar una denegaci\u00f3n de servicio (mediante ca\u00edda del demonio) enviando datos sobre TCP. NOTA: esto puede superponerse a CVE-2010-3060."}], "id": "CVE-2010-3756", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2010-10-05T22:00:06.643", "references": [{"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"}, {"source": "cve@mitre.org", "url": "http://www.ibm.com/support/docview.wss?uid=swg21443820"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/514070/100/0/threaded"}, {"source": "cve@mitre.org", "url": "http://zerodayinitiative.com/advisories/ZDI-10-186/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC69883"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ibm.com/support/docview.wss?uid=swg21443820"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/514070/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://zerodayinitiative.com/advisories/ZDI-10-186/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}