1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: HP OpenView OmniInet Opcode 20 CVE-2011-1865

Attack: HP OpenView OmniInet Opcode 20 CVE-2011-1865

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to a remote code execution vulnerability in HP OpenView Storage Data Protector Application.

Additional Information

The HP OpenView Storage Data Protector is a commercial data-management product for backup and recovery operations.

The HP OpenView Storage Data Protector is prone to a buffer-overflow vulnerability. This issue occurs because the application fails to perform adequate boundary checks on user-supplied data. This issue affects the following opcodes:

20
28
11
35
42
56
27
17

Specifically, when the application passes excessive amounts of data to the 'swprintf()' function, a stack overflow can occur.

Attackers can exploit this issue to execute arbitrary code in the context of the affected application.

HP OpenView Storage Data Protector versions 6.0, 6.10, 6.11, and 6.20 are vulnerable.

Affected

  • HP OpenView Storage Data Protector versions 6.0, 6.10, 6.11, and 6.20 are vulnerable.

Response

Vendor has released an update to resolve this issue. Please visit the vendor's website for further details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube