HP Data Protector Windows Unauthenticated Remote Code Execution

Added: 02/18/2015
CVE: CVE-2014-2623
BID: 68672
OSVDB: 109069

Background

HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP.

Problem

HP Data Protector is vulnerable to remote unauthenticated arbitrary command execution when processing specially crafted commands received on port 5555/TCP.

Resolution

Enable Encrypted Control Communications (ECC) services on the cell server and all of the clients in cell as described in HP Security Bulletin HPSBMU03072.

References

https://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04373818

Limitations

Exploit works on HP Data Protector 8.10 on Windows Server 2003, Windows Server 2008, and Windows Server 2012.
Back to exploit index