HP StorageWorks File Migration Agent Buffer Overflow Vulnerabilities

Last Update Date: 20 Jul 2012 10:25 Release Date: 20 Jul 2012 4958 Views

RISK: High Risk

High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

Two vulnerabilities have been identified in HP StorageWorks File Migration Agent, which can be exploited by malicious people to compromise a vulnerable system.

  1. A boundary error in HsmCfgSvc.exe service when processing CIFS archive names can be exploited to cause a stack-based buffer overflow via specially crafted packets sent to TCP port 9111.
  2. A boundary error in HsmCfgSvc.exe service when processing the root path of FTP archives can be exploited to cause a stack-based buffer overflow via specially crafted packets sent to TCP port 9111.

Note: There is no patch available for this vulnerability currently.

Impact

  • Remote Code Execution

System / Technologies affected

  • HP StorageWorks File Migration Agent 2.x

Solutions

  • There is no patch available for this vulnerability currently.
  • Workaround: It is recommended to restrict access to trusted hosts only.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Cisco Nexus Series Switches IP Stack Processing Denial of Service Vulnerability

17 Feb 2012 5450 Views

Next

PHP Multiple Vulnerabilities

23 Jul 2012 4928 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY