ID CVE-2012-0124
Summary Unspecified vulnerability in HP Data Protector Express (aka DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.
References
Vulnerable Configurations
  • HP Data Protector Express 5.0
    cpe:2.3:a:hp:data_protector_express:5.0
  • HP Data Protector Express 6.0
    cpe:2.3:a:hp:data_protector_express:6.0
CVSS
Base: 10.0 (as of 14-03-2012 - 12:39)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description HP Data Protector Create New Folder Buffer Overflow. CVE-2012-0124. Remote exploit for windows platform
id EDB-ID:19484
last seen 2016-02-02
modified 2012-07-01
published 2012-07-01
reporter metasploit
source https://www.exploit-db.com/download/19484/
title HP Data Protector Create New Folder Buffer Overflow
metasploit via4
description This module exploits a stack buffer overflow in HP Data Protector 5. The overflow occurs in the creation of new folders, where the name of the folder is handled in a insecure way by the dpwindtb.dll component. While the overflow occurs in the stack, the folder name is split in fragments in this insecure copy. Because of this, this module uses egg hunting to search a non corrupted copy of the payload in the heap. On the other hand the overflowed buffer is stored in a frame protected by stack cookies, because of this SEH handler overwrite is used. Any user of HP Data Protector Express is able to create new folders and trigger the vulnerability. Moreover, in the default installation the 'Admin' user has an empty password. Successful exploitation will lead to code execution with the privileges of the "dpwinsdr.exe" (HP Data Protector Express Domain Server Service) process, which runs as SYSTEM by default.
id MSF:EXPLOIT/WINDOWS/MISC/HP_DATAPROTECTOR_NEW_FOLDER
last seen 2019-03-17
modified 2017-07-24
published 2012-06-29
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_dataprotector_new_folder.rb
title HP Data Protector Create New Folder Buffer Overflow
nessus via4
NASL family Windows
NASL id HP_DATA_PROTECTOR_EXP_HPSBMU02746.NASL
description The version of HP Data Protector Express installed on the remote Windows host is 5.x earlier than 5.0.0 build 59287 or 6.x earlier than 6.0.0 build 11974. As such, it is potentially affected by multiple unspecified denial of service and code execution vulnerabilities.
last seen 2019-02-21
modified 2018-07-12
plugin id 58399
published 2012-03-20
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=58399
title HP Data Protector Express 5.x < 5.0.0 Build 59287 / 6.x < 6.0.0 Build 11974 Multiple Vulnerabilities
packetstorm via4
data source https://packetstormsecurity.com/files/download/114411/hp_dataprotector_new_folder.rb.txt
id PACKETSTORM:114411
last seen 2016-12-05
published 2012-07-02
reporter sinn3r
source https://packetstormsecurity.com/files/114411/HP-Data-Protector-Create-New-Folder-Buffer-Overflow.html
title HP Data Protector Create New Folder Buffer Overflow
refmap via4
hp
  • HPSBMU02746
  • SSRT100781
Last major update 24-04-2012 - 00:00
Published 13-03-2012 - 23:28
Back to Top