This Metasploit module exploits a stack-based buffer overflow in the Hewlett-Packard Data Protector product. The vulnerability, due to the insecure usage of _swprintf, exists at the Cell Request Service (crs.exe) when parsing packets with opcode 211. This Metasploit module has been tested successfully on HP Data Protector 6.20 and 7.00 on Windows XP SP3.
012e016b24b2c26e511cc5510500cd5238be83253a10e49838760b44e27f4253
HP Security Bulletin HPSBMU02883 SSRT101227 - Potential security vulnerabilities have been identified with HP Data Protector. These vulnerabilities could be remotely exploited to allow an increase of privilege, create a Denial of Service (DoS), or execute arbitrary code. Revision 1 of this advisory.
45e34957afce3ef4e0e8bc15d24d2997af9d1115b5143d39b79ea3dc5fb845ec