HP StorageWorks File Migration Agent Buffer Overflow Vulnerabilities
Last Update Date:
20 Jul 2012 10:25
Release Date:
20 Jul 2012
5092
Views
RISK: High Risk
TYPE: Servers - Other Servers
Two vulnerabilities have been identified in HP StorageWorks File Migration Agent, which can be exploited by malicious people to compromise a vulnerable system.
- A boundary error in HsmCfgSvc.exe service when processing CIFS archive names can be exploited to cause a stack-based buffer overflow via specially crafted packets sent to TCP port 9111.
- A boundary error in HsmCfgSvc.exe service when processing the root path of FTP archives can be exploited to cause a stack-based buffer overflow via specially crafted packets sent to TCP port 9111.
Note: There is no patch available for this vulnerability currently.
Impact
- Remote Code Execution
System / Technologies affected
- HP StorageWorks File Migration Agent 2.x
Solutions
- There is no patch available for this vulnerability currently.
- Workaround: It is recommended to restrict access to trusted hosts only.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with