SAINT CorporationSAINT:46C203F4BCFCC6DC44181AE7D85449F0Iron Mountain Connected Backup Opcode 13 Processing Command Injection
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.828 High
EPSS
Percentile
98.4%
Added: 12/12/2011
CVE: CVE-2011-2397
BID: 50884
OSVDB: 77495
Background
Iron Mountain Connected Backup is a solution for automatic online backup and recovery for Microsoft Windows and Mac OS X. An agent is installed on each computer that is to be backed up. The agent listens by default on TCP port 16388.
Problem
The Agent service in Iron Mountain Connected Backup allows remote attackers to execute arbitrary code via a crafted **opcode** 13 request that triggers use of the **LaunchCompoundFileAnalyzer** class to send request data to the **System.getRunTime.exec** method.
Resolution
Updated versions are available through normal support channels (http://customers.autonomy.com, http://digitalresourcecenter.ironmountain.com).
References
<http://www.zerodayinitiative.com/advisories/ZDI-11-339/>
Limitations
Exploit works on Iron Mountain Connected BackupPC 8.5.1.
Platforms
Windows
Related
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.828 High
EPSS
Percentile
98.4%