Denial of Service : HP (OpenView Storage) Data Protector Multiple RCE Vulnerabilities

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.902454

Categoría: Denial of Service

Título: HP (OpenView Storage) Data Protector Multiple RCE Vulnerabilities

Resumen: HP (OpenView Storage) Data Protector is prone to multiple remote; code execution (RCE) vulnerabilities.

Descripción: Summary:
HP (OpenView Storage) Data Protector is prone to multiple remote
code execution (RCE) vulnerabilities.

Vulnerability Insight:
Multiple flaws are due to error in 'data protector inet' service
command which allows remote remote attackers to execute arbitrary code.

Vulnerability Impact:
Successful exploitation will allow remote attackers to execute
arbitrary code or may lead to denial of service conditions.

Affected Software/OS:
HP (OpenView Storage) Data Protector 6.20 and prior.

Solution:
No known solution was made available for at least one year
since the disclosure of this vulnerability. Likely none will be provided anymore. General
solution options are to upgrade to a newer release, disable respective features, remove the
product or replace the product by another one.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-1865
BugTraq ID: 48486
http://www.securityfocus.com/bid/48486
http://www.exploit-db.com/exploits/17458
http://www.exploit-db.com/exploits/17467
http://www.exploit-db.com/exploits/17468
http://www.exploit-db.com/exploits/17490
HPdes Security Advisory: HPSBMU02686
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
HPdes Security Advisory: SSRT100541
http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities
http://securitytracker.com/id?1025731
http://secunia.com/advisories/45100
http://securityreason.com/securityalert/8288
http://securityreason.com/securityalert/8290
http://securityreason.com/securityalert/8291
http://securityreason.com/securityalert/8295
XForce ISS Database: openview-data-ce(68281)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68281
Common Vulnerability Exposure (CVE) ID: CVE-2011-1514
Common Vulnerability Exposure (CVE) ID: CVE-2011-1515
Common Vulnerability Exposure (CVE) ID: CVE-2011-1866
BugTraq ID: 48488
http://www.securityfocus.com/bid/48488
Bugtraq: 20110629 CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/518666/100/0/threaded
http://www.exploit-db.com/exploits/17461
http://www.coresecurity.com/content/HP-Data-Protector-EXECCMD-Vulnerability
http://securityreason.com/securityalert/8289
XForce ISS Database: hp-openview-data-ce(68297)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68297

Copyright Copyright (C) 2011 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.902454
Categoría:	Denial of Service
Título:	HP (OpenView Storage) Data Protector Multiple RCE Vulnerabilities
Resumen:	HP (OpenView Storage) Data Protector is prone to multiple remote; code execution (RCE) vulnerabilities.
Descripción:	Summary: HP (OpenView Storage) Data Protector is prone to multiple remote code execution (RCE) vulnerabilities. Vulnerability Insight: Multiple flaws are due to error in 'data protector inet' service command which allows remote remote attackers to execute arbitrary code. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code or may lead to denial of service conditions. Affected Software/OS: HP (OpenView Storage) Data Protector 6.20 and prior. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-1865 BugTraq ID: 48486 http://www.securityfocus.com/bid/48486 http://www.exploit-db.com/exploits/17458 http://www.exploit-db.com/exploits/17467 http://www.exploit-db.com/exploits/17468 http://www.exploit-db.com/exploits/17490 HPdes Security Advisory: HPSBMU02686 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182 HPdes Security Advisory: SSRT100541 http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities http://securitytracker.com/id?1025731 http://secunia.com/advisories/45100 http://securityreason.com/securityalert/8288 http://securityreason.com/securityalert/8290 http://securityreason.com/securityalert/8291 http://securityreason.com/securityalert/8295 XForce ISS Database: openview-data-ce(68281) https://exchange.xforce.ibmcloud.com/vulnerabilities/68281 Common Vulnerability Exposure (CVE) ID: CVE-2011-1514 Common Vulnerability Exposure (CVE) ID: CVE-2011-1515 Common Vulnerability Exposure (CVE) ID: CVE-2011-1866 BugTraq ID: 48488 http://www.securityfocus.com/bid/48488 Bugtraq: 20110629 CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518666/100/0/threaded http://www.exploit-db.com/exploits/17461 http://www.coresecurity.com/content/HP-Data-Protector-EXECCMD-Vulnerability http://securityreason.com/securityalert/8289 XForce ISS Database: hp-openview-data-ce(68297) https://exchange.xforce.ibmcloud.com/vulnerabilities/68297
Copyright	Copyright (C) 2011 Greenbone AG