Mailing List Archive

Links dead in plugin ID 22225
Both links for more information are "dead" in this plugin.

results|x.x.x|y.y.y.y|personal-agent (5555/tcp)|22225|Security
Hole|Synopsis :\n\nIt is possible to execute code on the remote host
through the backup\nagent. \n\nDescription :\n\nThe remote version of HP
OpenView Data Protector is vulnerable to an\nauthentication bypass
vulnerability. By sending specially-crafted\nrequests to the remote
host, an attacker may be able to execute\nunauthorized Backup commands.
Due to the nature of the software, a\nsuccessful exploitation of this
vulnerability could result in remote\ncode execution. \n\nSee also :
\n\nhttp://www.niscc.gov.uk/niscc/docs/br-20060811-00550.html [1]
\n\nSolution :\n\nIf this service is not needed, disable it or filter
incoming traffic\nto this port. HP has released a set of patches for
Data Protector\n5.10 and
5.50:\n\nhttp://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778
[2]\n\n / CVSS Base Score : 7.5\n(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)\nCVE
: CVE-2006-4201\nBID : 19495\n

[1] http://www.niscc.gov.uk/niscc/docs/br-20060811-00550.html is a 404.
[2] http://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778
requires registration.

Of course, the CVE entry and BID are correct. Perhaps updating the link
[1] to be http://www.kb.cert.org/vuls/id/673228 would be more useful?
Link [2] could be updated to
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00742778&jumpid=reg_R1002_USEN,
which is an URL from HP that does not require registration.

This is a Tenable-maintained plugin or I would have contacted the author.
--
_______________________________________________________________________
Nathan Grandbois, CISSP ngrandbois@microsolved.com
Security Analyst (614) 351-1237 x 212
PGP Key Available by Request
Re: Links dead in plugin ID 22225
On Oct 2, 2008, at 10:37 AM, Nathan Grandbois wrote:

> Both links for more information are "dead" in this plugin.
...
> Of course, the CVE entry and BID are correct. Perhaps updating the
> link [1] to be http://www.kb.cert.org/vuls/id/673228 would be more
> useful?
> Link [2] could be updated to http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00742778&jumpid=reg_R1002_USEN
> , which is an URL from HP that does not require registration.

Thanks. I've replaced the old links with the ones you found.

George
--
theall@tenablesecurity.com



_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus