Vulnerabilities > CVE-2013-2350 - Unspecified vulnerability in HP Storage Data Protector 6.20/6.21
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1897.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 10 |
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_43889.NASL description s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348). last seen 2020-06-01 modified 2020-06-02 plugin id 73718 published 2014-04-27 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73718 title HP-UX PHSS_43889 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_43889. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(73718); script_version("1.5"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2013-2344", "CVE-2013-2345", "CVE-2013-2346", "CVE-2013-2347", "CVE-2013-2348", "CVE-2013-2349", "CVE-2013-2350", "CVE-2013-6194", "CVE-2013-6195"); script_bugtraq_id(64647); script_xref(name:"HP", value:"emr_na-c03822422"); script_name(english:"HP-UX PHSS_43889 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fe03aaf8" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_43889 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/04/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11 11.23 11.31")) { exit(0, "The host is not affected since PHSS_43889 applies to a different OS release."); } patches = make_list("PHSS_43889"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CS", version:"A.07.00")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_43890.NASL description s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348). last seen 2020-06-01 modified 2020-06-02 plugin id 73719 published 2014-04-27 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73719 title HP-UX PHSS_43890 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch code # # (C) Tenable Network Security, Inc. # # The descriptive text and patch checks in this plugin were # extracted from HP patch PHSS_43890. The text itself is # copyright (C) Hewlett-Packard Development Company, L.P. # include("compat.inc"); if (description) { script_id(73719); script_version("1.5"); script_cvs_date("Date: 2018/07/12 19:01:15"); script_cve_id("CVE-2013-2344", "CVE-2013-2345", "CVE-2013-2346", "CVE-2013-2347", "CVE-2013-2348", "CVE-2013-2349", "CVE-2013-2350", "CVE-2013-6194", "CVE-2013-6195"); script_bugtraq_id(64647); script_xref(name:"HP", value:"emr_na-c03822422"); script_name(english:"HP-UX PHSS_43890 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch"); script_summary(english:"Checks for the patch in the swlist output"); script_set_attribute( attribute:"synopsis", value:"The remote HP-UX host is missing a security-related patch." ); script_set_attribute( attribute:"description", value: "s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348)." ); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422 script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?fe03aaf8" ); script_set_attribute( attribute:"solution", value:"Install patch PHSS_43890 or subsequent." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/04/11"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/27"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_family(english:"HP-UX Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("hpux.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX"); if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING); if (!hpux_check_ctx(ctx:"11.11 11.23 11.31")) { exit(0, "The host is not affected since PHSS_43890 applies to a different OS release."); } patches = make_list("PHSS_43890"); foreach patch (patches) { if (hpux_installed(app:patch)) { exit(0, "The host is not affected because patch "+patch+" is installed."); } } flag = 0; if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CF-P", version:"A.07.00")) flag++; if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CORE", version:"A.07.00")) flag++; if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CORE-IS", version:"A.07.00")) flag++; if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-INTEG-P", version:"A.07.00")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Misc. NASL id HP_DATA_PROTECTOR_HPSBMU02895.NASL description The remote HP Data Protector install is affected by multiple vulnerabilities that could allow a remote attacker to gain elevated privileges, trigger a denial of service vulnerability, or in the worst case, execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 71806 published 2014-01-06 reporter This script is Copyright (C) 2014-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/71806 title HP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253) code # # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(71806); script_version("1.16"); script_cvs_date("Date: 2018/11/15 20:50:23"); script_cve_id( "CVE-2013-2344", "CVE-2013-2345", "CVE-2013-2346", "CVE-2013-2347", "CVE-2013-2348", "CVE-2013-2349", "CVE-2013-2350", "CVE-2013-6194", "CVE-2013-6195" ); script_bugtraq_id(64647); script_xref(name:"EDB-ID", value:"31689"); script_name(english:"HP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253)"); script_summary(english:"Checks versions"); script_set_attribute(attribute:"synopsis", value:"The remote host is affected by multiple vulnerabilities."); script_set_attribute(attribute:"description", value: "The remote HP Data Protector install is affected by multiple vulnerabilities that could allow a remote attacker to gain elevated privileges, trigger a denial of service vulnerability, or in the worst case, execute arbitrary code."); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-001/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-002/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-003/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-004/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-005/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-006/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-007/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-008/"); script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-009/"); # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422 script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fe03aaf8"); script_set_attribute(attribute:"solution", value:"Patch the installation according to the vendor's advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"exploit_framework_core", value:"true"); script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal'); script_set_attribute(attribute:"exploit_framework_metasploit", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/02"); script_set_attribute(attribute:"patch_publication_date", value:"2014/01/02"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/06"); script_set_attribute(attribute:"plugin_type", value:"combined"); script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:storage_data_protector"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"Misc."); script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc."); script_require_ports("Services/hp_openview_dataprotector", 5555); script_dependencies("os_fingerprint.nasl", "ssh_get_info.nasl", "hp_data_protector_installed.nasl","hp_data_protector_installed_local.nasl"); script_require_keys("Services/data_protector/version"); exit(0); } include("hp_data_protector_version.inc"); port = get_service(svc:'hp_openview_dataprotector', default:5555, exit_on_fail:TRUE); # patterns matching affected platforms hpux_pat = "^11\.(11|23|31)$"; solaris_pat = "^5(\.|$|[^0-9])"; # patterns for matching against affected versions ver_621_pat = "^A\.06\.2[01]$"; ver_700_pat = "^A\.07\.0[01]$"; ver_800_pat = "^A\.08\.00$"; ver_810_pat = "^A\.08\.10$"; windows_pat = "^(5\.2|6\.0)$"; linux_pat = "(el[4-6]|SLES(9|10|11))(\.|$|[^0-9])"; # 6.21 hp_data_protector_check(os:"hpux", os_version_pat: hpux_pat, version_pat: ver_621_pat, fixed_internal_build: 409, comp_patches: make_array("core", 43781, "cell_server", 43780), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"linux", os_version_pat: linux_pat, version_pat: ver_621_pat, fixed_internal_build: 409, comp_patches: make_array("core", 273, "cell_server", 272), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"solaris", os_version_pat: solaris_pat, version_pat: ver_621_pat, fixed_internal_build: 409, comp_patches: make_array("core", 513, "cell_server", 512), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"windows", os_version_pat: windows_pat, version_pat: ver_621_pat, fixed_internal_build: 409, comp_patches: make_array("disk_agent", 666, "core", 665, "cell_server", 664), severity: SECURITY_HOLE, port:port); # 7.00 windows_pat = "^(5\.2|6\.[012])$"; linux_pat = "(el[5-6]|SLES(10|11))(\.|$|[^0-9])"; hp_data_protector_check(os:"hpux", os_version_pat: hpux_pat, version_pat: ver_700_pat, fixed_internal_build: 106, comp_patches: make_array("core", 43890, "cell_server", 43889), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"linux", os_version_pat: linux_pat, version_pat: ver_700_pat, fixed_internal_build: 106, comp_patches: make_array("core", 288, "cell_server", 287), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"windows", os_version_pat: windows_pat, version_pat: ver_700_pat, fixed_internal_build: 106, comp_patches: make_array("disk_agent", 684, "core", 669, "cell_server", 668), severity: SECURITY_HOLE, port:port); # 8.00 hp_data_protector_check(os:"hpux", os_version_pat: hpux_pat, version_pat: ver_800_pat, patch_bundle: 801, fixed_internal_build: 600, comp_patches: make_array("core" , 43735, "cell_server", 43734, "media_agent" , 43736, "disk_agent" , 43737, "cell_console", 43738, "vepa" , 43739), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"linux", os_version_pat: linux_pat, version_pat: ver_800_pat, patch_bundle: 801, fixed_internal_build: 600, comp_patches: make_array("core" , 265, "cell_server", 264, "media_agent" , 266, "disk_agent" , 267, "cell_console", 268, "vepa" , 269), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"windows", os_version_pat: windows_pat, version_pat: ver_800_pat, patch_bundle: 801, fixed_internal_build: 600, comp_patches: make_array("core" , 659, "cell_server", 658, "media_agent" , 660, "disk_agent" , 661, "cell_console", 662, "vepa" , 663), severity: SECURITY_HOLE, port:port); # 8.10 hp_data_protector_check(os:"hpux", os_version_pat: hpux_pat, version_pat: ver_810_pat, patch_bundle: 811, fixed_internal_build: 200, comp_patches: make_array("core" , 43826, "cell_server", 43825, "media_agent" , 43828, "disk_agent" , 43827, "cell_console" , 43829, "vepa" , 43831, "vmware_gre" , 43840, "sos" , 43832, "emc" , 43833, "sap_hana" , 43834, "documentation", 43830, "ssea" , 43837, "autodr" , 43839), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"linux", os_version_pat: linux_pat, version_pat: ver_810_pat, patch_bundle: 811, fixed_internal_build: 200, comp_patches: make_array("core" , 275, "cell_server", 274, "media_agent" , 277, "disk_agent" , 276, "cell_console" , 278, "vepa" , 280, "vmware_gre" , 286, "sos" , 281, "emc" , 285, "sap_hana" , 282, "documentation", 279, "ssea" , 284, "autodr" , 283), severity: SECURITY_HOLE, port:port); hp_data_protector_check(os:"windows", os_version_pat: windows_pat, version_pat: ver_810_pat, patch_bundle: 811, fixed_internal_build: 200, comp_patches: make_array("core" , 671, "cell_server" , 670, "media_agent" , 673, "disk_agent" , 672, "cell_console", 674, "vepa" , 676, "vmware_gre" , 682, "sos" , 677, "emc" , 680, "documentation", 675, "autodr" , 681), severity: SECURITY_HOLE, port:port); # Not vuln if we've reached this point. Exit with correct audit. hp_data_protector_check_exit(port:port);
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 64647 CVE(CAN) ID: CVE-2013-2344,CVE-2013-2345,CVE-2013-2346,CVE-2013-2347,CVE-2013-2348,CVE-2013-2349,CVE-2013-2350,CVE-2013-6194,CVE-2013-6195 HP OpenView Storage Data Protector是备份数据和恢复过程的应用。 HP Data Protector在实现上存在多个安全漏洞,包括远程代码执行漏洞、权限提升漏洞、拒绝服务漏洞,攻击者成功利用这些漏洞后,可执行任意代码、提升权限、造成拒绝服务等。 0 HP Data Protector 6.x 厂商补丁: HP -- HP已经为此发布了一个安全公告(HPSBMU02895)以及相应补丁: HPSBMU02895:HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03822422 |
id | SSV:61279 |
last seen | 2017-11-19 |
modified | 2014-01-06 |
published | 2014-01-06 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-61279 |
title | HP Storage Data Protector多个安全漏洞 |