Detalji

Kod programskog paketa HP OpenView Storage Data Protector Media Operations je uočena sigurnosna ranjivost u radu koja se može manifestirati potpunim preuzimanjem kontrole nad ranjivim sustavom. Uzrok ranjivosti je korupcija memorije u komponenti "DBServer.exe" uslijed obrade određenih korisničkih zahtjeva. Konkretno, radi se o zahtjevima upućenim na TCP priključak 19813. Udaljeni, zlonamjerni korisnik može tako izvesti proizvoljan programski kod sa SYSTEM ovlastima. U svrhu zaštite korisnicima se savjetuje instalacija dostupnih programskih ispravaka.

HP OpenView Storage Data Protector Media Operations Memory Corruption

VUPEN ID 	VUPEN/ADV-2011-0757
CVE ID 	GENERIC-MAP-NOMATCH
 
CWE ID 	Available in VUPEN VNS Customer Area
CVSS V2 	Available in VUPEN VNS Customer Area
Rated as 	Critical 
Impact 	Available in VUPEN VNS Customer Area
Authentication Level 	Available in VUPEN VNS Customer Area
Access Vector 	Available in VUPEN VNS Customer Area
Release Date 	2011-03-24
Share 	Twitter LinkedIn Facebook Delicious Digg Slashdot

Technical Description

A vulnerability has been identified in HP OpenView Storage Data Protector Media Operations, which could be exploited by remote attackers to take complete control of a vulnerable system. This issue is caused by a memory corruption error in the "DBServer.exe" component when processing user-supplied requests sent to port 19813/TCP, which could be exploited by remote unauthenticated attackers to execute arbitrary code with SYSTEM privileges.

Affected Products

HP OpenView Storage Data Protector Media Operations versions 6.x

Solution 

VUPEN Security is not aware of any vendor-supplied patch.

References

http://www.vupen.com/english/advisories/2011/0757
http://www.zerodayinitiative.com/advisories/ZDI-11-112/

Credits 

Vulnerability reported by Roi Mallo via TippingPoint ZDI.

Changelog 

2011-03-24 : Initial release

Idi na vrh