This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.
The backup service running on the remote host is affected by a remote
code execution vulnerability.
According to its version and build number, the HP Data Protector
application running on the remote host is affected by a stack-based
buffer overflow condition in the backup client service daemon
(OmniInet.exe). An unauthenticated, remote attacker can exploit this,
via an MSG_PROTOCOL command with long arguments, to corrupt memory,
resulting in the execution of arbitrary code.
See also :
Apply the relevant patches referenced in the HP advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true
Family: Gain a shell remotely
Nessus Plugin ID: 43635 (hp_data_protector_msg_protocol_bof.nasl)
Bugtraq ID: 37396
CVE ID: CVE-2007-2280
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.