HP Data Protector <= A.06.20 Multiple Vulnerabilities (uncredentialed check)

This script is Copyright (C) 2011-2017 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has an application that is affected by
multiple vulnerabilities.

Description :

The version of HP Data Protector installed on the remote Windows host
is affected by one or more of the following vulnerabilities :

- Multiple denial of service vulnerabilities exist in the
'data protect inet' service. (CVE-2011-1514,

- A buffer overflow vulnerability exists in the 'data
protector inet' service that can be exploited via
EXEC_CMD. (CVE-2011-1864)

- A buffer overflow vulnerability exists in the inet
service that could result in code execution via a
request containing crafted parameters. (CVE-2011-1865)

See also :


Solution :

1. Upgrade to Data Protector A.06.20 or later.

2. Enable encrypted control communication services on cell server and
all clients in cell.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true

Family: Gain a shell remotely

Nessus Plugin ID: 55552 ()

Bugtraq ID: 48486

CVE ID: CVE-2011-1514

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now