HP OpenView Storage Data Protector Backup Agent Remote Arbitrary Command Execution
Medium Nessus Network Monitor Plugin ID 3728
SynopsisIt is possible to execute code on the remote host through the backup agent.
DescriptionThe remote version of HP OpenView Data Protector is vulnerable to an authentication bypass flaw. By sending specially crafted requests to the remote host, an attacker may be able to execute unauthorized Backup commands. Due to the nature of the software, a successful exploitation of this vulnerability could result in remote code execution.
SolutionIf this service is not needed, disable it or filter incoming traffic to this port. HP has released a set of patches for Data Protector 5.10 and 5.50: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778