SAINT CorporationSAINT:30ED1DF64FD145ED1C56022909DBA085Iron Mountain Connected Backup Opcode 13 Processing Command Injection
0.828 High
EPSS
Percentile
98.4%
Added: 12/12/2011
CVE: CVE-2011-2397
BID: 50884
OSVDB: 77495
Background
Iron Mountain Connected Backup is a solution for automatic online backup and recovery for Microsoft Windows and Mac OS X. An agent is installed on each computer that is to be backed up. The agent listens by default on TCP port 16388.
Problem
The Agent service in Iron Mountain Connected Backup allows remote attackers to execute arbitrary code via a crafted **opcode** 13 request that triggers use of the **LaunchCompoundFileAnalyzer** class to send request data to the **System.getRunTime.exec** method.
Resolution
Updated versions are available through normal support channels (http://customers.autonomy.com, http://digitalresourcecenter.ironmountain.com).
References
<http://www.zerodayinitiative.com/advisories/ZDI-11-339/>
Limitations
Exploit works on Iron Mountain Connected BackupPC 8.5.1.
Platforms
Windows
Related
