Vulnerability Note VU#673228

HP OpenView Storage Data Protector may allow an attacker to execute arbitrary commands

Original Release date: 23 Aug 2006 | Last revised: 12 Jan 2007

Overview

A vulnerability in HP OpenView Storage Data Protector may allow an attacker to issue arbitrary commands on an affected system.

Description

HP OpenView

HP OpenView is a range of products, developed and distributed by Hewlett Packard, used for enterprise system and network monitoring.

HP OpenView Storage Data Protector
HP OpenView Storage Data Protector manages backup and recovery processes across local networks and storage area networks (SAN). The software uses a proprietary protocol for communications between the central backup server (Cell Manager) and clients (Agents).

The problem
On HP OpenView Storage Data Protector 5.1 and 5.5, it may be possible for an attacker to create a specially crafted packet that will pass commands to the backup agents with no authentication or input validation.

Impact

A remote, unauthenticated attacker may be able to execute arbitrary commands on the backup agents with system privileges.

Solution

Apply a patch from the vendor
HP has released patches to address this issue. Please see the Systems Affected section of this document for more information.

Restrict access
Restricting network access to the backup agents may mitigate this vulnerability. The Administrator's Guide provides instructions on configuring the HP OpenView Storage Data Protector software.
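One way to check that the restriction holds, as an added example that is not part of the original note or of HP's software: the script below audits firewall connection records and reports any source other than the Cell Manager that reached, or tried to reach, a backup agent. The agent port (TCP 5555, the Data Protector default, which is configurable), the Cell Manager address, the log format and the sample records are assumptions constructed for illustration.

```python
import ipaddress

# Assumptions (not from the advisory): agents listen on TCP 5555, the Data
# Protector default, and the Cell Manager address below is constructed.
AGENT_PORT = 5555
CELL_MANAGERS = [ipaddress.ip_network("10.0.5.10/32")]

# Constructed sample records: timestamp src_ip dst_ip dst_port action
SAMPLE_LOG = """\
2006-08-23T10:00:01 10.0.5.10 10.0.8.21 5555 ACCEPT
2006-08-23T10:00:07 10.0.9.77 10.0.8.21 5555 ACCEPT
2006-08-23T10:01:12 10.0.9.77 10.0.8.21 443 ACCEPT
2006-08-23T10:02:30 192.0.2.44 10.0.8.22 5555 DROP
malformed line
"""

def is_cell_manager(addr):
    """True if addr belongs to one of the allowed Cell Manager networks."""
    return any(addr in net for net in CELL_MANAGERS)

def audit(log_text):
    """Return (exposed, blocked, skipped).

    exposed: accepted connections to the agent port from non-Cell-Manager hosts
    blocked: the same kind of connection, but dropped by the firewall
    skipped: lines that could not be parsed and need manual review
    """
    exposed, blocked, skipped = [], [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        try:
            ts, src, dst, port, action = line.split()
            src_ip = ipaddress.ip_address(src)
            ipaddress.ip_address(dst)  # validate only
            port = int(port)
        except ValueError:
            skipped.append(line)
            continue
        if port != AGENT_PORT or is_cell_manager(src_ip):
            continue
        target = exposed if action.upper() == "ACCEPT" else blocked
        target.append((ts, src, dst))
    return exposed, blocked, skipped

if __name__ == "__main__":
    exposed, blocked, skipped = audit(SAMPLE_LOG)
    for ts, src, dst in exposed:
        print(f"EXPOSED {ts} {src} -> {dst}:{AGENT_PORT}")
    print(f"{len(blocked)} blocked, {len(skipped)} unparsed")
```

Any entry in the exposed list means an agent is reachable from a host that is not the Cell Manager, so the access restriction is not in effect for that path.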

Systems Affected

Vendor | Status | Date Notified | Date Updated
Hewlett-Packard Company | Affected | - | 23 Aug 2006

CVSS Metrics

Group Score Vector
Base N/A N/A
Temporal N/A N/A
Environmental N/A N/A

Credit

This vulnerability was originally reported by NISCC.

This document was written by Ryan Giobbi.

Other Information

  • CVE IDs: CVE-2006-4201
  • Date Public: 14 Aug 2006
  • Date First Published: 23 Aug 2006
  • Date Last Updated: 12 Jan 2007
  • Severity Metric: 0.94
  • Document Revision: 27
