HP Data Protector <= A.06.20 Multiple Vulnerabilities (uncredentialed check)

critical Nessus Plugin ID 55552

Synopsis

The remote Windows host has an application that is affected by multiple vulnerabilities.

Description

The version of HP Data Protector installed on the remote Windows host is affected by one or more of the following vulnerabilities :

- Multiple denial of service vulnerabilities exist in the 'data protect inet' service. (CVE-2011-1514, CVE-2011-1515)

- A buffer overflow vulnerability exists in the 'data protector inet' service that can be exploited via EXEC_CMD. (CVE-2011-1864)

- A buffer overflow vulnerability exists in the inet service that could result in code execution via a request containing crafted parameters. (CVE-2011-1865)

Solution

1. Upgrade to Data Protector A.06.20 or later.

2. Enable encrypted control communication services on cell server and all clients in cell.

See Also

http://www.nessus.org/u?6d655681

http://www.nessus.org/u?79bee660

http://www.nessus.org/u?0e38ce76

Plugin Details

Severity: Critical

ID: 55552

File Name: hp_data_protector_0620_multiple_vulns.nbin

Version: 1.62

Type: remote

Published: 7/6/2011

Updated: 7/19/2022

Configuration: Enable thorough checks

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:openview_storage_data_protector

Required KB Items: Services/data_protector/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 4/25/2011

Vulnerability Publication Date: 6/29/2011

Exploitable With

Core Impact

Metasploit (HP OmniInet.exe Opcode 20 Buffer Overflow)

ExploitHub (EH-12-076)

Reference Information

CVE: CVE-2011-1514, CVE-2011-1515, CVE-2011-1864, CVE-2011-1865, CVE-2011-1866

BID: 48486, 48488

SECUNIA: 45100