ID: SAINT:44CFFE5FDCEAA9D730AA7ECCD7D0D233

HP Data Protector Windows Unauthenticated Remote Code Execution

2015-02-18 00:00:00
SAINT Corporation
www.saintcorporation.com
EPSS: 0.522 (Medium), percentile 97.6%

Added: 02/18/2015
CVE: CVE-2014-2623
BID: 68672
OSVDB: 109069

Background

HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP.

Problem

HP Data Protector is vulnerable to remote unauthenticated arbitrary command execution when processing specially crafted commands received on port 5555/TCP.

Resolution

Enable Encrypted Control Communications (ECC) services on the cell server and on all of the clients in the cell, as described in HP Security Bulletin HPSBMU03072.

References

<https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04373818>

Limitations

The exploit works on HP Data Protector 8.10 on Windows Server 2003, Windows Server 2008, and Windows Server 2012.