Vulnerabilities > CVE-2013-6194 - Unspecified vulnerability in HP Storage Data Protector 6.20/6.21

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
hp
critical
nessus
exploit available
metasploit

Summary

Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.

Vulnerable Configurations

Part Description Count
Application
Hp
10

Exploit-Db

descriptionHP Data Protector Backup Client Service Directory Traversal. CVE-2013-6194. Remote exploit for windows platform
fileexploits/windows/remote/31181.rb
idEDB-ID:31181
last seen2016-02-03
modified2014-01-24
platformwindows
port5555
published2014-01-24
reportermetasploit
sourcehttps://www.exploit-db.com/download/31181/
titleHP Data Protector Backup Client Service - Directory Traversal
typeremote

Metasploit

descriptionThis module exploits a directory traversal vulnerability in the Hewlett-Packard Data Protector product. The vulnerability exists in the Backup Client Service (OmniInet.exe) and is triggered when parsing packets with opcode 42. This module has been tested successfully on HP Data Protector 6.20 on Windows 2003 SP2 and Windows XP SP3.
idMSF:EXPLOIT/WINDOWS/MISC/HP_DATAPROTECTOR_TRAVERSAL
last seen2020-05-24
modified2017-07-24
published2014-01-16
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/hp_dataprotector_traversal.rb
titleHP Data Protector Backup Client Service Directory Traversal

Nessus

  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_43889.NASL
    descriptions700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348).
    last seen2020-06-01
    modified2020-06-02
    plugin id73718
    published2014-04-27
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/73718
    titleHP-UX PHSS_43889 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHSS_43889. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(73718);
      script_version("1.5");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2013-2344", "CVE-2013-2345", "CVE-2013-2346", "CVE-2013-2347", "CVE-2013-2348", "CVE-2013-2349", "CVE-2013-2350", "CVE-2013-6194", "CVE-2013-6195");
      script_bugtraq_id(64647);
      script_xref(name:"HP", value:"emr_na-c03822422");
    
      script_name(english:"HP-UX PHSS_43889 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.X OV DP7.00 HP-UX IA/PA - Cell Server patch : 
    
    Potential security vulnerabilities have been identified with HP Data
    Protector. These vulnerabilities could be remotely exploited to allow
    an increase of privilege, create a Denial of Service (DoS), or execute
    arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217)
    CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870,
    SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348
    (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222)
    CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905,
    SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348)."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fe03aaf8"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHSS_43889 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/04/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11 11.23 11.31"))
    {
      exit(0, "The host is not affected since PHSS_43889 applies to a different OS release.");
    }
    
    patches = make_list("PHSS_43889");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CS", version:"A.07.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyHP-UX Local Security Checks
    NASL idHPUX_PHSS_43890.NASL
    descriptions700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch : Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217) CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870, SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348 (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222) CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905, SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348).
    last seen2020-06-01
    modified2020-06-02
    plugin id73719
    published2014-04-27
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/73719
    titleHP-UX PHSS_43890 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and patch checks in this plugin were 
    # extracted from HP patch PHSS_43890. The text itself is
    # copyright (C) Hewlett-Packard Development Company, L.P.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(73719);
      script_version("1.5");
      script_cvs_date("Date: 2018/07/12 19:01:15");
    
      script_cve_id("CVE-2013-2344", "CVE-2013-2345", "CVE-2013-2346", "CVE-2013-2347", "CVE-2013-2348", "CVE-2013-2349", "CVE-2013-2350", "CVE-2013-6194", "CVE-2013-6195");
      script_bugtraq_id(64647);
      script_xref(name:"HP", value:"emr_na-c03822422");
    
      script_name(english:"HP-UX PHSS_43890 : s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch");
      script_summary(english:"Checks for the patch in the swlist output");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote HP-UX host is missing a security-related patch."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "s700_800 11.X OV DP7.00 HP-UX IA/PA - Core patch : 
    
    Potential security vulnerabilities have been identified with HP Data
    Protector. These vulnerabilities could be remotely exploited to allow
    an increase of privilege, create a Denial of Service (DoS), or execute
    arbitrary code. References: CVE-2013-2344 (ZDI-CAN-1866, SSRT101217)
    CVE-2013-2345 (ZDI-CAN-1869, SSRT101218) CVE-2013-2346 (ZDI-CAN-1870,
    SSRT101219) CVE-2013-2347 (ZDI-CAN-1885, SSRT101220) CVE-2013-2348
    (ZDI-CAN-1892, SSRT101221) CVE-2013-2349 (ZDI-CAN-1896, SSRT101222)
    CVE-2013-2350 (ZDI-CAN-1897, SSRT101223) CVE-2013-6194 (ZDI-CAN-1905,
    SSRT101233) CVE-2013-6195 (ZDI-CAN-2008, SSRT101348)."
      );
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?fe03aaf8"
      );
      script_set_attribute(
        attribute:"solution", 
        value:"Install patch PHSS_43890 or subsequent."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:hp:hp-ux");
    
      script_set_attribute(attribute:"patch_publication_date", value:"2014/04/11");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/04/27");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
      script_family(english:"HP-UX Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/HP-UX/version", "Host/HP-UX/swlist");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("hpux.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/HP-UX/version")) audit(AUDIT_OS_NOT, "HP-UX");
    if (!get_kb_item("Host/HP-UX/swlist")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    if (!hpux_check_ctx(ctx:"11.11 11.23 11.31"))
    {
      exit(0, "The host is not affected since PHSS_43890 applies to a different OS release.");
    }
    
    patches = make_list("PHSS_43890");
    foreach patch (patches)
    {
      if (hpux_installed(app:patch))
      {
        exit(0, "The host is not affected because patch "+patch+" is installed.");
      }
    }
    
    
    flag = 0;
    if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CF-P", version:"A.07.00")) flag++;
    if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CORE", version:"A.07.00")) flag++;
    if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-CORE-IS", version:"A.07.00")) flag++;
    if (hpux_check_patch(app:"DATA-PROTECTOR.OMNI-INTEG-P", version:"A.07.00")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:hpux_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyMisc.
    NASL idHP_DATA_PROTECTOR_HPSBMU02895.NASL
    descriptionThe remote HP Data Protector install is affected by multiple vulnerabilities that could allow a remote attacker to gain elevated privileges, trigger a denial of service vulnerability, or in the worst case, execute arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id71806
    published2014-01-06
    reporterThis script is Copyright (C) 2014-2018 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/71806
    titleHP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(71806);
      script_version("1.16");
      script_cvs_date("Date: 2018/11/15 20:50:23");
    
      script_cve_id(
        "CVE-2013-2344",
        "CVE-2013-2345",
        "CVE-2013-2346",
        "CVE-2013-2347",
        "CVE-2013-2348",
        "CVE-2013-2349",
        "CVE-2013-2350",
        "CVE-2013-6194",
        "CVE-2013-6195"
      );
      script_bugtraq_id(64647);
      script_xref(name:"EDB-ID", value:"31689");
    
      script_name(english:"HP Data Protector Multiple Vulnerabilities (HPSBMU02895 SSRT101253)");
      script_summary(english:"Checks versions");
    
      script_set_attribute(attribute:"synopsis", value:"The remote host is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The remote HP Data Protector install is affected by multiple
    vulnerabilities that could allow a remote attacker to gain elevated
    privileges, trigger a denial of service vulnerability, or in the worst
    case, execute arbitrary code.");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-001/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-002/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-003/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-004/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-005/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-006/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-007/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-008/");
      script_set_attribute(attribute:"see_also", value:"https://www.zerodayinitiative.com/advisories/ZDI-14-009/");
      # http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03822422
      script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fe03aaf8");
      script_set_attribute(attribute:"solution", value:"Patch the installation according to the vendor's advisory.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
      script_set_attribute(attribute:"exploit_available", value:"true");
      script_set_attribute(attribute:"exploit_framework_core", value:"true");
      script_set_attribute(attribute:"metasploit_name", value:'HP Data Protector Backup Client Service Directory Traversal');
      script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2014/01/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2014/01/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2014/01/06");
    
      script_set_attribute(attribute:"plugin_type", value:"combined");
      script_set_attribute(attribute:"cpe", value:"cpe:/a:hp:storage_data_protector");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"Misc.");
    
      script_copyright(english:"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.");
    
      script_require_ports("Services/hp_openview_dataprotector", 5555);
      script_dependencies("os_fingerprint.nasl", "ssh_get_info.nasl", "hp_data_protector_installed.nasl","hp_data_protector_installed_local.nasl");
      script_require_keys("Services/data_protector/version");
    
      exit(0);
    }
    
    include("hp_data_protector_version.inc");
    
    port = get_service(svc:'hp_openview_dataprotector', default:5555, exit_on_fail:TRUE);
    
    # patterns matching affected platforms
    hpux_pat = "^11\.(11|23|31)$";
    solaris_pat = "^5(\.|$|[^0-9])";
    
    # patterns for matching against affected versions
    ver_621_pat = "^A\.06\.2[01]$";
    ver_700_pat = "^A\.07\.0[01]$";
    ver_800_pat = "^A\.08\.00$";
    ver_810_pat = "^A\.08\.10$";
    
    windows_pat = "^(5\.2|6\.0)$";
    linux_pat = "(el[4-6]|SLES(9|10|11))(\.|$|[^0-9])";
    
    # 6.21
    hp_data_protector_check(os:"hpux",
                            os_version_pat: hpux_pat,
                            version_pat: ver_621_pat,
                            fixed_internal_build: 409,
                            comp_patches: make_array("core", 43781, "cell_server", 43780),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"linux",
                            os_version_pat: linux_pat,
                            version_pat: ver_621_pat,
                            fixed_internal_build: 409,
                            comp_patches: make_array("core", 273, "cell_server", 272),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"solaris",
                            os_version_pat: solaris_pat,
                            version_pat: ver_621_pat,
                            fixed_internal_build: 409,
                            comp_patches: make_array("core", 513, "cell_server", 512),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"windows",
                            os_version_pat: windows_pat,
                            version_pat: ver_621_pat,
                            fixed_internal_build: 409,
                            comp_patches: make_array("disk_agent", 666, "core", 665, "cell_server", 664),
                            severity: SECURITY_HOLE,
                            port:port);
    
    # 7.00
    windows_pat = "^(5\.2|6\.[012])$";
    linux_pat = "(el[5-6]|SLES(10|11))(\.|$|[^0-9])";
    
    hp_data_protector_check(os:"hpux",
                            os_version_pat: hpux_pat,
                            version_pat: ver_700_pat,
                            fixed_internal_build: 106,
                            comp_patches: make_array("core", 43890, "cell_server", 43889),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"linux",
                            os_version_pat: linux_pat,
                            version_pat: ver_700_pat,
                            fixed_internal_build: 106,
                            comp_patches: make_array("core", 288, "cell_server", 287),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"windows",
                            os_version_pat: windows_pat,
                            version_pat: ver_700_pat,
                            fixed_internal_build: 106,
                            comp_patches: make_array("disk_agent", 684, "core", 669, "cell_server", 668),
                            severity: SECURITY_HOLE,
                            port:port);
    
    # 8.00
    hp_data_protector_check(os:"hpux",
                            os_version_pat: hpux_pat,
                            version_pat: ver_800_pat,
                            patch_bundle: 801,
                            fixed_internal_build: 600,
                            comp_patches: make_array("core"        , 43735, "cell_server", 43734,
                                                     "media_agent" , 43736, "disk_agent" , 43737,
                                                     "cell_console", 43738, "vepa"       , 43739),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"linux",
                            os_version_pat: linux_pat,
                            version_pat: ver_800_pat,
                            patch_bundle: 801,
                            fixed_internal_build: 600,
                            comp_patches: make_array("core"        , 265, "cell_server", 264,
                                                     "media_agent" , 266, "disk_agent" , 267,
                                                     "cell_console", 268, "vepa"       , 269),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"windows",
                            os_version_pat: windows_pat,
                            version_pat: ver_800_pat,
                            patch_bundle: 801,
                            fixed_internal_build: 600,
                            comp_patches: make_array("core"        , 659, "cell_server", 658,
                                                     "media_agent" , 660, "disk_agent" , 661,
                                                     "cell_console", 662, "vepa"       , 663),
                            severity: SECURITY_HOLE,
                            port:port);
    
    # 8.10
    hp_data_protector_check(os:"hpux",
                            os_version_pat: hpux_pat,
                            version_pat: ver_810_pat,
                            patch_bundle: 811,
                            fixed_internal_build: 200,
                            comp_patches: make_array("core"         , 43826, "cell_server", 43825,
                                                     "media_agent"  , 43828, "disk_agent" , 43827,
                                                     "cell_console" , 43829, "vepa"       , 43831,
                                                     "vmware_gre"   , 43840, "sos"        , 43832,
                                                     "emc"          , 43833, "sap_hana"   , 43834,
                                                     "documentation", 43830, "ssea"       , 43837,
                                                     "autodr"       , 43839),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"linux",
                            os_version_pat: linux_pat,
                            version_pat: ver_810_pat,
                            patch_bundle: 811,
                            fixed_internal_build: 200,
                            comp_patches: make_array("core"         , 275, "cell_server", 274,
                                                     "media_agent"  , 277, "disk_agent" , 276,
                                                     "cell_console" , 278, "vepa"       , 280,
                                                     "vmware_gre"   , 286, "sos"        , 281,
                                                     "emc"          , 285, "sap_hana"   , 282,
                                                     "documentation", 279, "ssea"       , 284,
                                                     "autodr"       , 283),
                            severity: SECURITY_HOLE,
                            port:port);
    
    hp_data_protector_check(os:"windows",
                            os_version_pat: windows_pat,
                            version_pat: ver_810_pat,
                            patch_bundle: 811,
                            fixed_internal_build: 200,
                            comp_patches: make_array("core"        , 671, "cell_server"  , 670,
                                                     "media_agent" , 673, "disk_agent"   , 672,
                                                     "cell_console", 674, "vepa"         , 676,
                                                     "vmware_gre"  , 682, "sos"          , 677,
                                                     "emc"         , 680, "documentation", 675,
                                                     "autodr"      , 681),
                            severity: SECURITY_HOLE,
                            port:port);
    
    # Not vuln if we've reached this point.  Exit with correct audit.
    hp_data_protector_check_exit(port:port);
    
    

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/124862/hp_dataprotector_traversal.rb.txt
idPACKETSTORM:124862
last seen2016-12-05
published2014-01-21
reporterjuan vazquez
sourcehttps://packetstormsecurity.com/files/124862/HP-Data-Protector-Backup-Client-Service-Directory-Traversal.html
titleHP Data Protector Backup Client Service Directory Traversal

Saint

bid64647
descriptionHP Data Protector Backup Client Service opcode 42 directory traversal
osvdb101630
titlehp_data_protector_omniinet_opcode_42
typeremote

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 64647 CVE(CAN) ID: CVE-2013-2344,CVE-2013-2345,CVE-2013-2346,CVE-2013-2347,CVE-2013-2348,CVE-2013-2349,CVE-2013-2350,CVE-2013-6194,CVE-2013-6195 HP OpenView Storage Data Protector是备份数据和恢复过程的应用。 HP Data Protector在实现上存在多个安全漏洞,包括远程代码执行漏洞、权限提升漏洞、拒绝服务漏洞,攻击者成功利用这些漏洞后,可执行任意代码、提升权限、造成拒绝服务等。 0 HP Data Protector 6.x 厂商补丁: HP -- HP已经为此发布了一个安全公告(HPSBMU02895)以及相应补丁: HPSBMU02895:HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 链接:https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c03822422
idSSV:61279
last seen2017-11-19
modified2014-01-06
published2014-01-06
reporterRoot
sourcehttps://www.seebug.org/vuldb/ssvid-61279
titleHP Storage Data Protector多个安全漏洞