10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.854 High
EPSS
Percentile
98.5%
Added: 05/09/2011
CVE: CVE-2011-1729
BID: 47638
OSVDB: 72188
HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments.
A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in the processing of GET_FILE messages. A remote unauthenticated attacker could exploit this vulnerability by sending malformed GET_FILE message packets to the target service.
Upgrade to Data Protector A.06.20 or newer, as indicated in HP Security Bulletin HPSBMA02668 SSRT100474.
<http://secunia.com/advisories/44402/>
<http://www.zerodayinitiative.com/advisories/ZDI-11-145/>
Exploit works on HP Data Protector Backup Client Service 6.11 running on Microsoft Windows Server 2003 SP2 English (DEP OptOut) with KB956802 (gdi32.dll version 5.2.3790.4396) and KB2393802 (ntdll.dll version 5.2.3790.4789) installed, and on Microsoft Windows Server 2008 SP2 English (DEP AlwaysOff).
Windows Server 2003
Windows Server 2008