HP OpenView Storage Data Protector allows code execution
A combination of vulnerabilities in HP's OpenView Storage Data Protector enables attackers to execute arbitrary program code on affected computers, even if the attackers are not registered. HP has since released updates to close the hole, which was reported by the UK National Infrastructure Security Co-Ordination Centre (NISCC).
HP's OpenView Storage Data Protector is backup and recovery software that uses agents to control client computers. The central service on the server (the cell manager) communicates with these agents using a proprietary protocol. By manipulating the data fields in the packets, attackers could send commands to an agent, even without prior registration.
The vulnerability affects HP OpenView Storage Data Protector 5.1 and 5.5 running on HP-UX, IBM AIX, Linux, Windows and Solaris. HP's security advisory offers links to the updates.
- HP OpenView Storage Data Protector, Remote Arbitrary Command Execution, Advisory from HP (for registered customers)
- Vulnerability Issues with HP OpenView Storage Data Protector, Vulnerability advisory from NISCC
(ehe)