Lucene search

K
saintSAINT CorporationSAINT:3415BA98EA9C8347C4B9BD36BA73937E
HistoryJul 09, 2013 - 12:00 a.m.

HP Data Protector opcode 259 buffer overflow

2013-07-0900:00:00
SAINT Corporation
my.saintcorporation.com
29

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.294 Low

EPSS

Percentile

96.9%

Added: 07/09/2013
CVE: CVE-2013-2329
BID: 60304
OSVDB: 93863

Background

HP Data Protector is an automated data backup solution.

Problem

A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands.

Resolution

Apply a patch referenced in HPSBMU02883 SSRT101227.

References

<http://www.zerodayinitiative.com/advisories/ZDI-13-126/&gt;

Limitations

Exploit works on HP Data Protector 6.2 on Windows Server 2003 SP2 English (DEP OptOut).

Platforms

Windows

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.294 Low

EPSS

Percentile

96.9%

Related for SAINT:3415BA98EA9C8347C4B9BD36BA73937E