ID CVE-2013-2343
Summary Unspecified vulnerability on the HP LeftHand Virtual SAN Appliance hydra with software before 10.0 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1510.
References
Vulnerable Configurations
  • HP LeftHand Virtual SAN Appliance hydra
    cpe:2.3:a:hp:lefthand_virtual_san_appliance_hydra
  • HP LeftHand Virtual SAN Appliance hydra software 9.0
    cpe:2.3:a:hp:lefthand_virtual_san_appliance_hydra_software:9.0
  • HP LeftHand P4000 Virtual SAN Appliance
    cpe:2.3:a:hp:lefthand_p4000_virtual_san_appliance
CVSS
Base: 10.0 (as of 03-07-2013 - 08:25)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
exploit-db via4
description HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow. CVE-2012-3282,CVE-2013-2343. Remote exploit for windows platform
id EDB-ID:27555
last seen 2016-02-03
modified 2013-08-13
published 2013-08-13
reporter metasploit
source https://www.exploit-db.com/download/27555/
title HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
metasploit via4
description This module exploits a buffer overflow vulnerability found in HP's StorageWorks P4000 VSA on versions prior to 10.0. The vulnerability is due to an insecure usage of the sscanf() function when parsing login requests. This module has been tested successfully on the HP VSA 9 Virtual Appliance.
id MSF:EXPLOIT/LINUX/MISC/HP_VSA_LOGIN_BOF
last seen 2019-03-11
modified 2017-07-24
published 2013-08-10
reliability Normal
reporter Rapid7
source https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/hp_vsa_login_bof.rb
title HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
nessus via4
NASL family Gain a shell remotely
NASL id HP_VSA_10_0.NASL
description According to the version fingerprinted by Nessus, the remote host is an HP LeftHand Virtual SAN Appliance prior to version 10.0. It is, therefore, affected by multiple unspecified remote code execution vulnerabilities in the hydra service.
last seen 2019-02-21
modified 2018-11-15
plugin id 64633
published 2013-02-14
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=64633
title HP LeftHand Virtual SAN Appliance < 10.0 hydra Service Multiple RCE
packetstorm via4
data source https://packetstormsecurity.com/files/download/122789/hp_vsa_login_bof.rb.txt
id PACKETSTORM:122789
last seen 2016-12-05
published 2013-08-12
reporter juan vazquez
source https://packetstormsecurity.com/files/122789/HP-StorageWorks-P4000-Virtual-SAN-Appliance-Login-Buffer-Overflow.html
title HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
refmap via4
hp
  • HPSBST02846
  • SSRT100798
saint via4
bid 60884
description HP LeftHand Virtual SAN Appliance Hydra Service Login Buffer Overflow
osvdb 94701
title hp_lefthand_vsa_hydra_service_login
type remote
Last major update 03-07-2013 - 00:00
Published 02-07-2013 - 17:55
Back to Top