CVE-2007-2281 - Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database S

CVE-2007-2281

Summary

Integer overflow in the _ncp32._NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter.

References

Vulnerable Configurations

cpe:2.3:a:hp:openview_storage_data_protector:5.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:5.50:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:6.0:*:*:*:*:*:*:*
cpe:2.3:a:hp:openview_storage_data_protector:6.0:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 23-12-2009 - 06:26)
Impact:
Exploitability:

CWE

CWE-189

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	37386
hp	HPSBMA02252 SSRT061258 SSRT061259
misc	http://dvlabs.tippingpoint.com/advisory/TPTI-09-15
sectrack	1023361
vupen	ADV-2009-3594

Last major update

23-12-2009 - 06:26

Published

18-12-2009 - 19:30

Last modified

23-12-2009 - 06:26