HP Data Protector 8.x Arbitrary Command Execution (HPSBMU03072)
Critical Nessus Plugin ID 76616
SynopsisThe remote host is affected by an arbitrary command execution vulnerability.
DescriptionNessus was able to execute an operating system command on the remote HP Data Protector 8.x installation by sending a specially crafted packet to the HP Data Protector service.
SolutionA patched version is not currently available. As a workaround, enable Encrypted Control Communications (ECC) services on the cell server and all of the clients in cell.