APP: HPE Data Protector EXEC_BAR username Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the OmniInet.exe component of HPE Data Protector. Successful exploitation could lead to arbitrary code execution under the security context of SYSTEM.

Extended Description

HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3352.

Affected Products

Hp data_protector

References

CVE: CVE-2016-2005

Short Name
APP:HPE-DATA-PROTECT-USR-BO
Severity
Critical
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2016-2005 Data EXEC_BAR HPE Overflow Protector username
Release Date
08/04/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
Port
TCP/5555
False Positive
Unknown
Vendors

Hp

CVSS Score

10.0

Found a potential security threat?