Signature Detail

APP: HP OpenView Storage Data Protector Cell Manager Heap Buffer Overflow

This signature detects attempts to exploit a known heap buffer overflow vulnerability in HP OpenView Data Protector Cell Manager. It is due to an integer overflow while processing crafted packets received on port 1530/TCP. A remote unauthenticated attacker can exploit this by sending maliciously crafted packets to the affected service. In a successful attack, arbitrary code is injected and executed on the target machine; the behavior of the target is dependent on the logic of the malicious code and can result in arbitrary code execution within the security context of the service, which is usually SYSTEM. An unsuccessful attack can cause the target service to abnormally terminate.

Extended Description

HP OpenView Storage Data Protector is prone to a remote integer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. NOTE: This BID was previously titled "HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities", but the issue (described by CVE-2007-2280) has been moved to BID 37396 (HP OpenView Storage Data Protector Stack Buffer Overflow Vulnerability) to better document it.

Affected Products

• HP OpenView Storage Data Protector 5.1
• HP OpenView Storage Data Protector 5.5.0
• HP OpenView Storage Data Protector 6.0

References

• BugTraq: 37386
• CVE: CVE-2007-2281