A fix is available
APAR status
Closed as program error.
Error description
An unauthorized access vulnerability in TSM for Space Management (HSM) enables remote attackers to read, modify or even delete files in DMAPI-enabled file systems mounted on systems where HSM is installed. The files can be read or modified without changing the atime, ctime or mtime file attributes.

All HSM platforms are affected: AIX with GPFS or JFS2, Linux, Solaris SPARC and HP-UX.

The following HSM versions are affected: 6.3, 6.2, 6.1, 5.5 and 5.4.

The affected binary is dsmrootd, located in /usr/tivoli/tsm/client/hsm/bin on AIX, or in /opt/tivoli/tsm/client/hsm/bin on Linux, Solaris and HP-UX.

IBM's assessment of the base Common Vulnerability Scoring System (CVSS) score for this vulnerability is 6.4.
Local fix
When GPFS is space managed, the dsmrootd binary must be replaced by a script that runs as a background process upon start. When JFS2 or VxFS is space managed, the dsmrootd binary must be deleted; a script replacing dsmrootd is not required in that case.

For detailed instructions on how to resolve this security problem, read the flash document available at http://www.ibm.com/support/docview.wss?uid=swg21615292
Problem summary
****************************************************************
* USERS AFFECTED: HSM versions 6.3, 6.2, 6.1, 5.5 and 5.4 on   *
* AIX and Linux platforms. HSM versions 6.1, 5.5 and 5.4 on    *
* Solaris and HP-UX.                                           *
****************************************************************
* PROBLEM DESCRIPTION: See ERROR DESCRIPTION.                  *
****************************************************************
* RECOMMENDATION: Follow the instructions described here       *
* http://www.ibm.com/support/docview.wss?uid=swg21615292 until *
* fixing levels are available. The problem is currently        *
* projected to be fixed in levels 6.3.1 and 6.2.5.             *
* Note that until these levels are available, this             *
* information is subject to change at the discretion of IBM.   *
****************************************************************
Problem conclusion
The problem has been fixed so that it no longer occurs. The dsmrootd has been removed. HSM command execution by non-root users has been disabled. HSM 6.4.0 is not affected. The dsmrootd will be removed later with 6.4.1.
Temporary fix
Comments
APAR Information
APAR number
IC86724
Reported component name
TSM SPACE MGMT
Reported component ID
5698HSMCL
Reported release
63L
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-09-24
Closed date
2012-12-14
Last modified date
2012-12-19
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TSM SPACE MGMT
Fixed component ID
5698HSMCL
Applicable component levels
R63A PSY UP
R64A PSY UP
R64L PSY UP
Document Information
Modified date: 20 September 2021