HP Data Protector Media Operations Server 'DBServer.exe' Remote Code Execution
Synopsis :
The remote service is affected by a remote code execution
vulnerability.
Description :
According to its version, the installation of HP Data Protector Media
Operations Server on the remote host allows an attacker to execute
arbitrary code on the affected host with SYSTEM privileges due to a
buffer overflow.
Note that the vendor reports only Windows installs are affected.
See also :
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.zerodayinitiative.com/advisories/ZDI-11-112/
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://archives.neohapsis.com/archives/bugtraq/2011-03/0226.html
only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/u?5b3eef63
Solution :
Apply the SMO A.06.20.01 patch as described in the vendor
advisory.
Risk factor :
Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
original thread: only registered users with at least 25 hack challenge points can see links: click here in order to visit the hack challengeshttp://www.nessus.org/plugins/index.php?view=single&id=57862
