HP Data Protector OmniInet.exe MSG_PROTOCOL Command RCE

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.

Synopsis :

The backup service running on the remote host is affected by a remote
code execution vulnerability.

Description :

According to its version and build number, the HP Data Protector
application running on the remote host is affected by a stack-based
buffer overflow condition in the backup client service daemon
(OmniInet.exe). An unauthenticated, remote attacker can exploit this,
via an MSG_PROTOCOL command with long arguments, to corrupt memory,
resulting in the execution of arbitrary code.

See also :


Solution :

Apply the relevant patches referenced in the HP advisory.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 43635 (hp_data_protector_msg_protocol_bof.nasl)

Bugtraq ID: 37396

CVE ID: CVE-2007-2280

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now