Signature Detail
Short Name |
APP:HP-DATA-PRTCTR-OP42-DIR-TRV |
|---|---|
Severity |
Medium |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP Data Protector Opcode 42 Directory Traversal |
Release Date |
2014/02/11 |
Update Number |
2344 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: HP Data Protector Opcode 42 Directory Traversal
This signature detects attempts to exploit a known vulnerability in the HP Data Protector. The vulnerability is due to a lack of input sanitization on a file name provided with Opcode 42. The file name is not sanitized for directory traversal characters, allowing an attacker to write arbitrary content to the file system. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable service. Successful exploitation could cause writing arbitrary files to the file system which could result in code execution in the context of the the affected service, which is SYSTEM by default.
Extended Description
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.
Affected Products
- hp storage_data_protector 6.20 (-:~~~windows_server_2003~~)
- hp storage_data_protector 6.20 (-:~~~windows_server_2008~~)
- hp storage_data_protector 6.21 (-:~~~hp-ux~~)
- hp storage_data_protector 6.21 (-:~~~redhat_enterprise_linux~~)
- hp storage_data_protector 6.21 (-:~~~solaris~~)
- hp storage_data_protector 6.21 (-:~~~windows_server_2003~~)
- hp storage_data_protector 6.21 (-:~~~windows_server_2008~~)
References
- BugTraq: 64647
- CVE: CVE-2013-6194