The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of HPE Data Protector

vulnerability bulletin CVE-2016-2004 CVE-2016-2005 CVE-2016-2006

HP Data Protector: five vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Data Protector.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights, data reading.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 5.
Creation date: 19/04/2016.
Revision date: 07/06/2016.
Identifiers: c05085988, CVE-2016-2004, CVE-2016-2005, CVE-2016-2006, CVE-2016-2007, CVE-2016-2008, HPSBGN03580, PSRT102293, PSRT102948, PSRT102979, PSRT102980, PSRT102981, SSRT102163, VIGILANCE-VUL-19403, VU#267328, ZDI-16-245, ZDI-16-246, ZDI-16-247.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can use a vulnerability, in order to run code. [severity:3/4; CVE-2016-2004, PSRT102293, SSRT102163, VU#267328]

An attacker can use a vulnerability, in order to run code. [severity:3/4; CVE-2016-2005, PSRT102979, ZDI-16-245]

An attacker can use a vulnerability, in order to run code. [severity:3/4; CVE-2016-2006, PSRT102980, ZDI-16-246]

An attacker can use a vulnerability, in order to run code. [severity:3/4; CVE-2016-2007, PSRT102981, ZDI-16-247]

An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-2008, PSRT102948]
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2015-2116

HP Data Protector: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Data Protector.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 21/04/2015.
Identifiers: c04636829, CVE-2015-2116, HPSBMU03321, SSRT101677, VIGILANCE-VUL-16661.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can escalate his privileges. [severity:2/4]

An attacker can trigger a denial of service. [severity:2/4]

An attacker can execute code. [severity:3/4]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2015-2808

TLS: RC4 decryption via Bar Mitzvah

Synthesis of the vulnerability

An attacker can use the Bar Mitzvah Attack on TLS, in order to obtain sensitive information encrypted by RC4.
Impacted products: DCFM Enterprise, Brocade Network Advisor, Brocade vTM, Avamar, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, HPE BSM, HP Data Protector, HPE NNMi, HP Operations, SiteScope, HP Switch, HP-UX, AIX, DB2 UDB, Domino, Notes, IRAD, Security Directory Server, Tivoli Storage Manager, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, SnapManager, Oracle Communications, Oracle Directory Server, Oracle Directory Services Plus, Oracle Fusion Middleware, Oracle GlassFish Server, Oracle Identity Management, Oracle iPlanet Web Server, Oracle OIT, Oracle Virtual Directory, WebLogic, Oracle Web Tier, SSL protocol, RHEL, SUSE Linux Enterprise Desktop, SLES.
Severity: 2/4.
Consequences: data reading.
Provenance: internet client.
Creation date: 27/03/2015.
Identifiers: 1450666, 1610582, 1647054, 1882708, 1883551, 1883553, 1902260, 1903541, 1960659, 1963275, 1967498, 523628, 7014463, 7022958, 7045736, 9010041, 9010044, Bar Mitzvah, BSA-2015-007, c04708650, c04767175, c04770140, c04772305, c04773119, c04773241, c04777195, c04777255, c04832246, c04926789, c05085988, c05336888, cpujan2018, cpuoct2017, CVE-2015-2808, DSA-2018-124, HPSBGN03350, HPSBGN03393, HPSBGN03399, HPSBGN03407, HPSBGN03414, HPSBGN03415, HPSBGN03580, HPSBHF03673, HPSBMU03345, HPSBMU03401, HPSBUX03435, HPSBUX03512, NTAP-20150715-0001, NTAP-20151028-0001, RHSA-2015:1020-01, RHSA-2015:1021-01, RHSA-2015:1091-01, SOL16864, SSRT102254, SSRT102977, SUSE-SU-2015:1073-1, SUSE-SU-2015:1085-1, SUSE-SU-2015:1086-1, SUSE-SU-2015:1086-2, SUSE-SU-2015:1086-3, SUSE-SU-2015:1086-4, SUSE-SU-2015:1138-1, SUSE-SU-2015:1161-1, VIGILANCE-VUL-16486, VN-2015-004.

Description of the vulnerability

During the initialization of a TLS session, the client and the server negotiate cryptographic algorithms. The RC4 algorithm can be chosen to encrypt data.

For some weak keys (one over 2^24), the Invariance Weakness can be used to predict the two LSB (Least Significant Bit) of the 100 first bytes encrypted with RC4. The first TLS message is "Finished" (36 bytes), thus an attacker can predict LSBs of 64 bytes.

An attacker can therefore use the Bar Mitzvah Attack on TLS, in order to obtain sensitive information encrypted by RC4.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2014-2623

HP Data Protector: shell command execution

Synthesis of the vulnerability

A remote attacker can connect to HP Data Protector, in order to execute code.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights.
Provenance: intranet client.
Creation date: 16/07/2014.
Revisions dates: 18/11/2014, 04/02/2015.
Identifiers: c04373818, CVE-2014-2623, HPSBMU03072, SSRT101644, VIGILANCE-VUL-15056.

Description of the vulnerability

The HP Data Protector service listens on a TCP port.

However, if this service receives the following message, it runs the requested command:
  [...] utilns/detach -dir /bin -com requestedCommand

A remote attacker can therefore connect to HP Data Protector, in order to execute a shell command.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-3566

SSL 3.0: decrypting session, POODLE

Synthesis of the vulnerability

An attacker, located as a Man-in-the-Middle, can decrypt a SSL 3.0 session, in order to obtain sensitive information.
Impacted products: SES, SNS, Apache httpd, Arkoon FAST360, ArubaOS, Asterisk Open Source, BES, ProxyAV, ProxySG par Blue Coat, SGOS by Blue Coat, GAiA, CheckPoint IP Appliance, IPSO, SecurePlatform, CheckPoint Security Appliance, CheckPoint Security Gateway, Cisco ASR, Cisco ACE, ASA, AsyncOS, Cisco CSS, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR Cisco, IronPort Email, Nexus by Cisco, NX-OS, Prime Infrastructure, Cisco PRSM, Cisco Router, WebNS, Clearswift Email Gateway, Clearswift Web Gateway, CUPS, Debian, Black Diamond, ExtremeXOS, Summit, BIG-IP Hardware, TMOS, Fedora, FortiGate, FortiGate Virtual Appliance, FortiManager, FortiManager Virtual Appliance, FortiOS, FreeBSD, F-Secure AV, hMailServer, HPE BSM, HP Data Protector, HPE NNMi, HP Operations, ProCurve Switch, SiteScope, HP Switch, TippingPoint IPS, HP-UX, AIX, Domino, Notes, Security Directory Server, SPSS Data Collection, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, IVE OS, Juniper J-Series, Junos OS, Junos Space, Junos Space Network Management Platform, MAG Series by Juniper, NSM Central Manager, NSMXpress, Juniper SA, McAfee Email and Web Security, McAfee Email Gateway, ePO, VirusScan, McAfee Web Gateway, IE, Windows 2003, Windows 2008 R0, Windows 2008 R2, Windows 2012, Windows 7, Windows 8, Windows (platform) ~ not comprehensive, Windows RT, Windows Vista, NETASQ, NetBSD, NetScreen Firewall, ScreenOS, nginx, Nodejs Core, OpenSSL, openSUSE, openSUSE Leap, Oracle DB, Oracle Fusion Middleware, Oracle Identity Management, Oracle OIT, Solaris, Tuxedo, WebLogic, Palo Alto Firewall PA***, PAN-OS, Polycom CMA, HDX, RealPresence Collaboration Server, RealPresence Distributed Media Application, Polycom VBP, Postfix, SSL protocol, Puppet, RHEL, JBoss EAP by Red Hat, RSA Authentication Manager, ROS, ROX, RuggedSwitch, Slackware, Splunk Enterprise, stunnel, SUSE Linux Enterprise Desktop, SLES, Synology DSM, Ubuntu, Unix (platform) ~ not comprehensive, ESXi, vCenter Server, VMware vSphere, VMware vSphere Hypervisor, WinSCP.
Severity: 3/4.
Consequences: data reading, data creation/edition.
Provenance: internet client.
Creation date: 15/10/2014.
Identifiers: 10923, 1589583, 1595265, 1653364, 1657963, 1663874, 1687167, 1687173, 1687433, 1687604, 1687611, 1690160, 1690185, 1690342, 1691140, 1692551, 1695392, 1696383, 1699051, 1700706, 2977292, 3009008, 7036319, aid-10142014, AST-2014-011, bulletinapr2015, bulletinjan2015, bulletinjan2016, bulletinjul2015, bulletinjul2016, bulletinoct2015, c04486577, c04487990, c04492722, c04497114, c04506802, c04510230, c04567918, c04616259, c04626982, c04676133, c04776510, CERTFR-2014-ALE-007, CERTFR-2014-AVI-454, CERTFR-2014-AVI-509, CERTFR-2015-AVI-169, CERTFR-2016-AVI-303, cisco-sa-20141015-poodle, cpujul2017, CTX216642, CVE-2014-3566, DSA-3053-1, DSA-3253-1, DSA-3489-1, ESA-2014-178, ESA-2015-098, ESXi500-201502001, ESXi500-201502101-SG, ESXi510-201503001, ESXi510-201503001-SG, ESXi510-201503101-SG, ESXi550-201501001, ESXi550-201501101-SG, FEDORA-2014-12989, FEDORA-2014-12991, FEDORA-2014-13012, FEDORA-2014-13017, FEDORA-2014-13040, FEDORA-2014-13069, FEDORA-2014-13070, FEDORA-2014-13444, FEDORA-2014-13451, FEDORA-2014-13764, FEDORA-2014-13777, FEDORA-2014-13781, FEDORA-2014-13794, FEDORA-2014-14234, FEDORA-2014-14237, FEDORA-2014-15379, FEDORA-2014-15390, FEDORA-2014-15411, FEDORA-2014-17576, FEDORA-2014-17587, FEDORA-2015-9090, FEDORA-2015-9110, FreeBSD-SA-14:23.openssl, FSC-2014-8, HPSBGN03256, HPSBGN03305, HPSBGN03332, HPSBHF03156, HPSBHF03300, HPSBMU03152, HPSBMU03184, HPSBMU03213, HPSBMU03416, HPSBUX03162, HPSBUX03194, JSA10656, MDVSA-2014:203, MDVSA-2014:218, MDVSA-2015:062, NetBSD-SA2014-015, nettcp_advisory, openSUSE-SU-2014:1331-1, openSUSE-SU-2014:1384-1, openSUSE-SU-2014:1395-1, openSUSE-SU-2014:1426-1, openSUSE-SU-2016:0640-1, openSUSE-SU-2016:1586-1, openSUSE-SU-2017:0980-1, PAN-SA-2014-0005, POODLE, RHSA-2014:1652-01, RHSA-2014:1653-01, RHSA-2014:1692-01, RHSA-2014:1920-01, RHSA-2014:1948-01, RHSA-2015:0010-01, RHSA-2015:0011-01, RHSA-2015:0012-01, RHSA-2015:1545-01, RHSA-2015:1546-01, SA83, SB10090, SB10104, sk102989, SOL15702, SP-CAAANKE, SP-CAAANST, SPL-91947, SPL-91948, SSA:2014-288-01, SSA-396873, SSA-472334, SSRT101767, STORM-2014-02-FR, SUSE-SU-2014:1357-1, SUSE-SU-2014:1361-1, SUSE-SU-2014:1386-1, SUSE-SU-2014:1387-1, SUSE-SU-2014:1387-2, SUSE-SU-2014:1409-1, SUSE-SU-2015:0010-1, SUSE-SU-2016:1457-1, SUSE-SU-2016:1459-1, T1021439, TSB16540, USN-2839-1, VIGILANCE-VUL-15485, VMSA-2015-0001, VMSA-2015-0001.1, VMSA-2015-0001.2, VN-2014-003, VU#577193.

Description of the vulnerability

An SSL/TLS session can be established using several protocols:
 - SSL 2.0 (obsolete)
 - SSL 3.0
 - TLS 1.0
 - TLS 1.1
 - TLS 1.2

An attacker can downgrade the version to SSLv3. However, with SSL 3.0, an attacker can change the padding position with a CBC encryption, in order to progressively guess clear text fragments.

This vulnerability is named POODLE (Padding Oracle On Downgraded Legacy Encryption).

An attacker, located as a Man-in-the-Middle, can therefore decrypt a SSL 3.0 session, in order to obtain sensitive information.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note 15439

HP Data Protector: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Data Protector.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 03/10/2014.
Identifiers: VIGILANCE-VUL-15439, ZDI-14-344, ZDI-14-345.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can use the EXEC_INTEGUTIL message, in order to execute system commands. [severity:3/4; ZDI-14-344]

An attacker can force the usage of a freed memory area in omnidlc.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; ZDI-14-345]
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2014-5160

HP Data Protector: multiple vulnerabilities of crs.exe

Synthesis of the vulnerability

An attacker can use several vulnerabilities of crs.exe of HP Data Protector.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, data creation/edition, data deletion.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 24/07/2014.
Identifiers: CVE-2014-5160, VIGILANCE-VUL-15095, ZDI-14-262, ZDI-14-263.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can traverse directories in crs.exe via the opcode 305, in order to create of remove a file outside the root path. [severity:3/4; ZDI-14-262]

An attacker can traverse directories in crs.exe via the opcode 1091, in order to create of remove a file outside the root path. [severity:3/4; ZDI-14-263]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2013-2344 CVE-2013-2345 CVE-2013-2346

HP Data Protector: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Data Protector.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, client access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 9.
Creation date: 03/01/2014.
Revision date: 13/01/2014.
Identifiers: BID-64647, c03822422, CVE-2013-2344, CVE-2013-2345, CVE-2013-2346, CVE-2013-2347, CVE-2013-2348, CVE-2013-2349, CVE-2013-2350, CVE-2013-6194, CVE-2013-6195, HPSBMU02895, SSRT101217, SSRT101218, SSRT101219, SSRT101220, SSRT101221, SSRT101222, SSRT101223, SSRT101233, SSRT101253, SSRT101348, VIGILANCE-VUL-14013, ZDI-14-001, ZDI-14-002, ZDI-14-003, ZDI-14-004, ZDI-14-005, ZDI-14-006, ZDI-14-007, ZDI-14-008, ZDI-14-009, ZDI-CAN-1866, ZDI-CAN-1869, ZDI-CAN-1870, ZDI-CAN-1885, ZDI-CAN-1892, ZDI-CAN-1896, ZDI-CAN-1897, ZDI-CAN-1905, ZDI-CAN-2008.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can send a command to OmniInet.exe, in order to execute code. [severity:3/4; CVE-2013-2344, SSRT101217, ZDI-14-001, ZDI-CAN-1866]

An attacker can generate a buffer overflow in vrda.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-2345, SSRT101218, ZDI-14-006, ZDI-CAN-1869]

An attacker can generate a buffer overflow in rrda.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-2346, SSRT101219, ZDI-14-004, ZDI-CAN-1870]

An attacker can send an EXEC_BAR packet, in order to execute code. [severity:3/4; CVE-2013-2347, SSRT101220, ZDI-14-008, ZDI-CAN-1885]

An attacker can traverse directories in OmniInet.exe, in order to write a file outside the root path, to execute it. [severity:3/4; CVE-2013-2348, SSRT101221, ZDI-14-002, ZDI-CAN-1892]

An attacker can generate a buffer overflow in vbda.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-2349, SSRT101222, ZDI-14-005, ZDI-CAN-1896]

An attacker can generate a buffer overflow in rbda.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-2350, SSRT101223, ZDI-14-007, ZDI-CAN-1897]

An attacker can traverse directories in OmniInet.exe, in order to write a file outside the root path, to execute it. [severity:3/4; CVE-2013-6194, SSRT101233, ZDI-14-003, ZDI-CAN-1905]

An attacker can generate a buffer overflow in crs.exe, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; CVE-2013-6195, SSRT101348, ZDI-14-009, ZDI-CAN-2008]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2013-2324 CVE-2013-2325 CVE-2013-2326

HP Data Protector: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of HP Data Protector, in order to trigger a denial of service or to execute code.
Impacted products: HP Data Protector.
Severity: 3/4.
Consequences: user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 12.
Creation date: 04/06/2013.
Identifiers: BID-60299, BID-60300, BID-60301, BID-60302, BID-60303, BID-60304, BID-60306, BID-60307, BID-60308, BID-60309, BID-60310, BID-60311, c03781657, CVE-2013-2324, CVE-2013-2325, CVE-2013-2326, CVE-2013-2327, CVE-2013-2328, CVE-2013-2329, CVE-2013-2330, CVE-2013-2331, CVE-2013-2332, CVE-2013-2333, CVE-2013-2334, CVE-2013-2335, HPSBMU02883, SSRT101227, VIGILANCE-VUL-12900, ZDI-13-121, ZDI-13-122, ZDI-13-123, ZDI-13-124, ZDI-13-125, ZDI-13-126, ZDI-13-127, ZDI-13-128, ZDI-13-129, ZDI-13-130, ZDI-13-131, ZDI-13-161.

Description of the vulnerability

Several vulnerabilities were announced in HP Data Protector.

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60299, CVE-2013-2324, ZDI-13-121]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60300, CVE-2013-2325, ZDI-13-122]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60301, CVE-2013-2326, ZDI-13-123]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60302, CVE-2013-2327, ZDI-13-124]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60303, CVE-2013-2328, ZDI-13-125]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60304, CVE-2013-2329, ZDI-13-126]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60306, CVE-2013-2330, ZDI-13-127]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60307, CVE-2013-2331, ZDI-13-128]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60308, CVE-2013-2332, ZDI-13-129]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60309, CVE-2013-2333, ZDI-13-130]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60310, CVE-2013-2334, ZDI-13-131]

An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to execute code. [severity:3/4; BID-60311, CVE-2013-2335, ZDI-13-161]
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2012-5220

HP Data Protector: privilege escalation

Synthesis of the vulnerability

A local attacker can use a vulnerability of HP Data Protector, in order to escalate his privileges.
Impacted products: HP Data Protector.
Severity: 2/4.
Consequences: administrator access/rights, privileged access/rights, user access/rights, data reading, data creation/edition, denial of service on service.
Provenance: user account.
Creation date: 25/04/2013.
Identifiers: BID-59488, c03570121, CVE-2012-5220, HPSBMU02830, SSRT100889, VIGILANCE-VUL-12710.

Description of the vulnerability

A local attacker can use a vulnerability of HP Data Protector, in order to escalate his privileges.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about HPE Data Protector: