CVE-2012-0123

Related Files

Hewlett-Packard Data Protector DtbClsAddObject Parsing Remote Code Execution

Posted Jun 29, 2012

Authored by Aaron Portnoy, HP DVLabs | Site tippingpoint.com

A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dpwintdb.exe process which listens by default on TCP port 3817. When parsing data within a DtbClsAddObject request, the process copies data from the network into a fixed-length buffer on the stack via an unchecked loop. This can be leveraged by attackers to execute arbitrary code under the context of the SYSTEM user.

tags | advisory, remote, arbitrary, tcp

advisories | CVE-2012-0123

SHA-256 | 556adc16dad6ca3f4873f33810b698ebf5dfd71151e2fd435143e01f45c5066c

Download | Favorite | View

HP Security Bulletin HPSBMU02746 SSRT100781

Posted Mar 14, 2012

Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02746 SSRT100781 - Potential security vulnerabilities have been identified with HP Data Protector Express (DPX) 5.0 and 6.0. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability

advisories | CVE-2012-0121, CVE-2012-0122, CVE-2012-0123, CVE-2012-0124

SHA-256 | 83a0d55e3394aa78f27458d386be674804605818ba2a00eb0f3834f45aea89b9

Download | Favorite | View