HP Data Protector Multiple RCE Vulnerabilities

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote backup service is affected by multiple remote code
execution vulnerabilities.

Description :

According to its version and build number, the remote instance of HP
Data Protector is affected by multiple stack-based buffer overflow
conditions in crs.exe when parsing various opcodes. A remote,
unauthenticated attacker can exploit these to execute arbitrary code
in the context of the SYSTEM user or have other unspecified impact.

See also :

http://www.zerodayinitiative.com/advisories/ZDI-13-121/
http://www.zerodayinitiative.com/advisories/ZDI-13-122/
http://www.zerodayinitiative.com/advisories/ZDI-13-123/
http://www.zerodayinitiative.com/advisories/ZDI-13-124/
http://www.zerodayinitiative.com/advisories/ZDI-13-125/
http://www.zerodayinitiative.com/advisories/ZDI-13-126/
http://www.zerodayinitiative.com/advisories/ZDI-13-127/
http://www.zerodayinitiative.com/advisories/ZDI-13-128/
http://www.zerodayinitiative.com/advisories/ZDI-13-129/
http://www.zerodayinitiative.com/advisories/ZDI-13-130/
http://www.zerodayinitiative.com/advisories/ZDI-13-131/
http://www.zerodayinitiative.com/advisories/ZDI-13-161/
http://www.nessus.org/u?a263f550

Solution :

Apply the relevant patches referenced in the HP advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial