1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: HP Data Protector EXEC_INTEGUTIL RCE

Attack: HP Data Protector EXEC_INTEGUTIL RCE

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a vulnerability in HP Data Protector which could lead to system compromise.

Additional Information

HP Data Protector is an application used for the backup and recovery of data.

HP Data Protector is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this issue by processing specially crafted 'EXEC_INTEGUTIL' messages.

A remote attacker can leverage this issue to execute arbitrary commands in the context of the SYSTEM user. Failed exploit attempts will likely result in denial-of-service conditions.

Affected

  • HP Data Protector

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube