Lucene search

K
saintSAINT CorporationSAINT:94F3B393FF9F192AE76A37DD61E4A60A
HistoryJul 24, 2013 - 12:00 a.m.

HP Data Protector CRS Opcode 211 Stack Buffer Overflow

2013-07-2400:00:00
SAINT Corporation
my.saintcorporation.com
23

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.4%

Added: 07/24/2013
CVE: CVE-2013-2333
BID: 60309
OSVDB: 93867

Background

HP Data Protector is an automated data backup solution.

Problem

A buffer overflow vulnerability in crs.exe when handling requests with opcode 211 allows remote attackers to execute arbitrary commands.

Resolution

Apply a patch referenced in HPSBMU02883 SSRT101227.

References

<http://secunia.com/advisories/53679/&gt;

Limitations

This exploit was tested against HP Data Protector 6.2 on Windows Server 2003 SP2 English (DEP OptOut).

Platforms

Windows

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.954 High

EPSS

Percentile

99.4%