
HP OpenView Storage Data Protector Backup Agent Remote Arbitrary Command Execution

Medium

Synopsis

It is possible to execute code on the remote host through the backup agent.

Description

The remote version of HP OpenView Data Protector is vulnerable to an authentication bypass flaw. By sending specially crafted requests to the remote host, an attacker may be able to execute unauthorized backup commands. Due to the nature of the software, successful exploitation of this vulnerability could result in remote code execution.

Solution

If this service is not needed, disable it or filter incoming traffic to this port. HP has released a set of patches for Data Protector 5.10 and 5.50: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778