Update Protection against HP OpenView Storage Data Protector Cell Manager Heap Buffer Overflow
| Check Point Reference: | CPAI-2010-139 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory SA37845 | |
| Industry Reference(s): | ||
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? HP OpenView Data Protector Application Recovery Manager 5.5 HP OpenView Data Protector Application Recovery Manager 6.0 | ||
| Vulnerability Description A buffer overflow vulnerability exists in HP OpenView Data Protector Cell Manager, a backup solution designed for enterprise and distributed environments. The flaw is due to an integer overflow while processing crafted packets received on port 1530/TCP. A remote attacker can exploit this vulnerability by sending maliciously crafted packets to the affected service. |
||
|
Update/Patch Available Vendor's advisory |
|
|
Vulnerability Details The vulnerability is due to an integer overflow that occurs while processing crafted requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request to a target server, potentially leading to execution of arbitrary code. |
Protection Overview The protection detect and block attempts to send commands to the HP Cell Manager with invalid length specified.
To configure the defense, select your product from the list below and follow the related protection steps.