APP: HP Data Protector Opcode 42 Directory Traversal
This signature detects attempts to exploit a known vulnerability in the HP Data Protector. The vulnerability is due to a lack of input sanitization on a file name provided with Opcode 42. The file name is not sanitized for directory traversal characters, allowing an attacker to write arbitrary content to the file system. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable service. Successful exploitation could cause writing arbitrary files to the file system which could result in code execution in the context of the the affected service, which is SYSTEM by default.
Extended Description
Unspecified vulnerability in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1905.
Affected Products
Hp storage_data_protector
Short Name
APP:HP-DATA-PRTCTR-OP42-DIR-TRV
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
42 CVE-2013-6194 Data Directory HP Opcode Protector Traversal bid:64647
Release Date
02/11/2014
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
tcp/5555
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0