HP Data Protector opcode 259 buffer overflow

Added: 07/09/2013
CVE: CVE-2013-2329
BID: 60304
OSVDB: 93863

Background

HP Data Protector is an automated data backup solution.

Problem

A buffer overflow vulnerability when handling requests with opcode 259 allows remote attackers to execute arbitrary commands.

Resolution

Apply a patch referenced in HPSBMU02883 SSRT101227.

References

http://www.zerodayinitiative.com/advisories/ZDI-13-126/

Limitations

Exploit works on HP Data Protector 6.2 on Windows Server 2003 SP2 English (DEP OptOut).

Platforms

Windows

Back to exploit index