HP Data Protector Express Crafted Traffic Remote Memory Disclosure
Medium Nessus Plugin ID 38792
SynopsisThe remote Windows host contains an application that is affected by a local privilege escalation vulnerability.
DescriptionHP Data Protector Express is installed on the remote host. The installed version of the software is affected by an unspecified local privilege escalation vulnerability. A local attacker could exploit this vulnerability to trigger a denial of service condition or execute arbitrary code with system level privileges. According to reports, this flaw could also be triggered remotely by exploiting a memory leak vulnerability, see references for more information.
SolutionUpgrade to HP Data Protector Express Single Server Edition version 3.5 SP2 build 47065 / 4.0 SP1 build 46537 or later.