Detections
Analytics

HP Data Protector Express 5.x < 5.0.0 Build 59287 / 6.x < 6.0.0 Build 11974 Multiple Vulnerabilities

critical Nessus Plugin ID 58399

Language:

Synopsis

The remote Windows host contains a backup application that is affected by multiple vulnerabilities.

Description

The version of HP Data Protector Express installed on the remote Windows host is 5.x earlier than 5.0.0 build 59287 or 6.x earlier than 6.0.0 build 11974. As such, it is potentially affected by multiple unspecified denial of service and code execution vulnerabilities.

Solution

Upgrade to HP Data Protector Express 5.0.0 build 59287 / 6.0.0 build 11974 or later.

See Also

http://www.nessus.org/u?94781a20

Plugin Details

Severity: Critical

ID: 58399

File Name: hp_data_protector_exp_hpsbmu02746.nasl

Version: 1.8

Type: local

Agent: windows

Family: Windows

Published: 3/20/2012

Updated: 7/12/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:hp:data_protector_express

Required KB Items: SMB/HP Data Protector Express/Path, SMB/HP Data Protector Express/Version, SMB/HP Data Protector Express/Build

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/12/2012

Vulnerability Publication Date: 3/12/2012

Exploitable With

Core Impact

Metasploit (HP Data Protector Create New Folder Buffer Overflow)

Reference Information

CVE: CVE-2012-0121, CVE-2012-0122, CVE-2012-0123, CVE-2012-0124

BID: 52431