ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Privilege escalation bug

2015-02-25 12:12:06
Subject: Re: [ADSM-L] Privilege escalation bug
From: Thomas Denier <Thomas.Denier AT JEFFERSON DOT EDU>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 25 Feb 2015 17:10:43 +0000 
TSM 6.1 and all Version 5 releases are past normal end of support. The security 
bulletin advises customers with support extensions on 5.4, 5.5, or 6.1 to 
contact IBM Support.

-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of 
Vandeventer, Harold [OITS]
Sent: Wednesday, February 25, 2015 11:58 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: Re: [ADSM-L] Privilege escalation bug

Is the 5.3 release so old that it is considered "not in support"?



-----Original Message-----
From: ADSM: Dist Stor Manager [mailto:ADSM-L AT VM.MARIST DOT EDU] On Behalf Of 
Thomas Denier
Sent: Wednesday, February 25, 2015 9:56 AM
To: ADSM-L AT VM.MARIST DOT EDU
Subject: [ADSM-L] Privilege escalation bug

I received a security bulletin from IBM yesterday regarding "Tivoli Storage 
Manager Stack-based Buffer Overflow Elevation of Privilege: CVE-2014-6184". The 
affected version/release combinations listed in the bulletin run from 5.4 to 
6.3. We still have one Linux system with 5.3 client code. Can I treat the list 
of affected releases as an explicit assurance that the 5.3 client does not have 
the vulnerability discussed in the bulletin? The alternative possibility that 
worries me is that 5.4 is the oldest level IBM thought it worthwhile to check.

Thomas Denier
Thomas Jefferson University
The information contained in this transmission contains privileged and 
confidential information. It is intended only for the use of the person named 
above. If you are not the intended recipient, you are hereby notified that any 
review, dissemination, distribution or duplication of this communication is 
strictly prohibited. If you are not the intended recipient, please contact the 
sender by reply email and destroy all copies of the original message.

CAUTION: Intended recipients should NOT use email communication for emergent or 
urgent health care matters.

[Confidentiality notice:]
***********************************************************************
This e-mail message, including attachments, if any, is intended for the person 
or entity to which it is addressed and may contain confidential or privileged 
information.  Any unauthorized review, use, or disclosure is prohibited.  If 
you are not the intended recipient, please contact the sender and destroy the 
original message, including all copies, Thank you.
***********************************************************************
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] Privilege escalation bug, Vandeventer, Harold [OITS]
Next by Date:  Re: [ADSM-L] Privilege escalation bug, Zoltan Forray
Previous by Thread:  Re: [ADSM-L] Privilege escalation bug, Vandeventer, Harold [OITS]
Next by Thread:  Re: [ADSM-L] Privilege escalation bug, Zoltan Forray
Indexes:  [Date] [Thread] [Top] [All Lists]