HP Data Protector Express 5.x < 5.0.0 Build 59287 / 6.x < 6.0.0 Build 11974 Multiple Vulnerabilities

Critical Nessus Plugin ID 58399


The remote Windows host contains a backup application that is affected by multiple vulnerabilities.


The version of HP Data Protector Express installed on the remote Windows host is 5.x earlier than 5.0.0 build 59287 or 6.x earlier than 6.0.0 build 11974. As such, it is potentially affected by multiple unspecified denial of service and code execution vulnerabilities.


Upgrade to HP Data Protector Express 5.0.0 build 59287 / 6.0.0 build 11974 or later.

See Also


Plugin Details

Severity: Critical

ID: 58399

File Name: hp_data_protector_exp_hpsbmu02746.nasl

Version: $Revision: 1.7 $

Type: local

Agent: windows

Family: Windows

Published: 2012/03/20

Modified: 2013/05/16

Dependencies: 58398

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:data_protector_express

Required KB Items: SMB/HP Data Protector Express/Path, SMB/HP Data Protector Express/Version, SMB/HP Data Protector Express/Build

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/03/12

Vulnerability Publication Date: 2012/03/12

Exploitable With

Core Impact

Metasploit (HP Data Protector Create New Folder Buffer Overflow)

Reference Information

CVE: CVE-2012-0121, CVE-2012-0122, CVE-2012-0123, CVE-2012-0124

BID: 52431

OSVDB: 80102, 80103, 80104, 80105

EDB-ID: 19484