10

CVE-2013-2347

The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2003
HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.20 Update- SwPlatformwindows_server_2008
HpStorage Data Protector Version6.21 Update- SwPlatformhp-ux
   HpStorage Data Protector Version6.21 Update- SwPlatformhp-ux
   HpStorage Data Protector Version6.21 Update- SwPlatformhp-ux
   HpStorage Data Protector Version6.21 Update- SwPlatformhp-ux
HpStorage Data Protector Version6.21 Update- SwPlatformredhat_enterprise_linux
   HpStorage Data Protector Version6.21 Update- SwPlatformredhat_enterprise_linux
   HpStorage Data Protector Version6.21 Update- SwPlatformredhat_enterprise_linux
   HpStorage Data Protector Version6.21 Update- SwPlatformredhat_enterprise_linux
HpStorage Data Protector Version6.21 Update- SwPlatformsolaris
   HpStorage Data Protector Version6.21 Update- SwPlatformsolaris
   HpStorage Data Protector Version6.21 Update- SwPlatformsolaris
   HpStorage Data Protector Version6.21 Update- SwPlatformsolaris
HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2003
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2003
HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2008
   HpStorage Data Protector Version6.21 Update- SwPlatformwindows_server_2008
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 66.41% 0.992
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?docId=emr_na-c03822422
Vendor Advisory
http://ddilabs.blogspot.com/2014/02/fun-with-hp-data-protector-execbar.html
Permissions Required
http://www.exploit-db.com/exploits/32164
Broken Link
http://www.zerodayinitiative.com/advisories/ZDI-14-008/
Third Party Advisory