APP: HP Data Protector Create New Folder Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the HP Data Protector. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the application.
Extended Description
HP Data Protector Express is prone to multiple code-execution vulnerabilities. Successfully exploiting these issues allow an attacker to execute arbitrary code with SYSTEM privileges. HP Data Protector Express versions prior to 5.0.00 build 59287 and prior to 6.0.00 build 11974 are vulnerable.
Affected Products
Hp data_protector_express_6.0.01
References
BugTraq: 52431
CVE: CVE-2012-0124
URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03229235
Short Name
APP:HP-DATA-PROC-NEW-FOLDER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2012-0121 CVE-2012-0122 CVE-2012-0123 CVE-2012-0124 Create Data Folder HP New Overflow Protector bid:52431
Release Date
03/20/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3400
Port
TCP/3817
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0