virus logo Intrusion Prevention

HP.Data.Protector.CRS.Multiple.Opcode.Stack.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Stack Buffer Overflow vulnerability in HP Data Protector.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request to the vulnerable service.

affected-products-logoAffected Products

HP Data Protector 6.21
HP Data Protector 6.20
HP Data Protector 7.01
HP Data Protector 7.00

Impact logoImpact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected application.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&
spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c03781657-1%257CdocLocale%
253D%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.
endCacheTok=com.vignette.cachetoken

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

http://www.zerodayinitiative.com/advisories/ZDI-13-121/
ID 36101
Created Jul 18, 2013
Updated Mar 28, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2013-2324
Exploit Prediction Score 14.45%
Default Action drop
Active
Affected OS Windows, Linux, BSD, Solaris
Affected App HP