Detections
Analytics
HP Data Protector Multiple RCE Vulnerabilities
critical Nessus Plugin ID 66849
Language:
Synopsis
The remote backup service is affected by multiple remote code execution vulnerabilities.Description
According to its version and build number, the remote instance of HP Data Protector is affected by multiple stack-based buffer overflow conditions in crs.exe when parsing various opcodes. A remote, unauthenticated attacker can exploit these to execute arbitrary code in the context of the SYSTEM user or have other unspecified impact.Solution
Apply the relevant patches referenced in the HP advisory.See Also
https://www.zerodayinitiative.com/advisories/ZDI-13-121/
https://www.zerodayinitiative.com/advisories/ZDI-13-122/
https://www.zerodayinitiative.com/advisories/ZDI-13-123/
https://www.zerodayinitiative.com/advisories/ZDI-13-124/
https://www.zerodayinitiative.com/advisories/ZDI-13-125/
https://www.zerodayinitiative.com/advisories/ZDI-13-126/
https://www.zerodayinitiative.com/advisories/ZDI-13-127/
https://www.zerodayinitiative.com/advisories/ZDI-13-128/
https://www.zerodayinitiative.com/advisories/ZDI-13-129/
https://www.zerodayinitiative.com/advisories/ZDI-13-130/
https://www.zerodayinitiative.com/advisories/ZDI-13-131/
Plugin Details
Severity: Critical
ID: 66849
File Name: hp_data_protector_hpsbmu02833.nasl
Version: 1.19
Type: remote
Family: Misc.
Published: 6/10/2013
Updated: 4/11/2022
Configuration: Enable thorough checks
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:hp:data_protector, cpe:/a:hp:storage_data_protector
Required KB Items: Services/data_protector/cell_server/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 6/3/2013
Vulnerability Publication Date: 6/3/2013
Exploitable With
Core Impact
Metasploit (HP Data Protector Cell Request Service Buffer Overflow)
ExploitHub (EH-13-114)
Reference Information
CVE: CVE-2013-2324, CVE-2013-2325, CVE-2013-2326, CVE-2013-2327, CVE-2013-2328, CVE-2013-2329, CVE-2013-2330, CVE-2013-2331, CVE-2013-2332, CVE-2013-2333, CVE-2013-2334, CVE-2013-2335
BID: 60299, 60300, 60301, 60302, 60303, 60304, 60306, 60307, 60308, 60309, 60310, 60311
HP: HPSBMU02883, SSRT101227, emr_na-c03781657