Severity: Low

The 'id' parameter of IBM Tivoli Storage Manager version 5 release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow.

Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd).

(undisclosed)
https://voidsec.com/host-header-injection/
https://voidsec.com/yahoo-messenger/