Hewlett-Packard LeftHand Virtual SAN Appliance dbd_manager libens Unmarshalling Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP LeftHand Virtual SAN Appliance. Authentication is not required to exploit this vulnerability. The flaw exists within the dbd_manager component which receives messages via the hydra process. This process listens on TCP port 13841. The dbd_manager uses the libens library for unmarshalling received messages, among other things. During the unmarshalling process an undersized allocation occurs followed by a copy of data to this region. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the root user.