APP: HPE Data Protector EXEC_BAR domain Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Omnilnet.exe component of HPE Data Protector. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the HPE Data Protector service.
Extended Description
HPE Data Protector before 7.03_108, 8.x before 8.15, and 9.x before 9.06 allows remote attackers to execute arbitrary code via unspecified vectors, aka ZDI-CAN-3353.
Affected Products
Hp data_protector
References
CVE: CVE-2016-2006
Short Name
APP:HPE-EXECBAR-OVERFLOW
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2016-2006 Data EXEC_BAR HPE Overflow Protector domain
Release Date
08/23/2016
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
Port
TCP/5555
False Positive
Unknown
Vendors
Hp
CVSS Score
10.0