Data Protector 10 Windows Server 2016 compatibility. Data Protector 10 Windows Server 2016 compatibility. By using this site. Hewlett-Packard Company makes no warranty of any kind with regard to this material, including, but not limited to, the implied warranties of. About Data Protector.
HP Data Protector Express (DPX) contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability exists because the affected software improperly handles user-supplied input when creating new folders. An unauthenticated, remote attacker could exploit this vulnerability by creating malicious folders on a targeted system. If successful, the attacker could execute arbitrary code on the system with SYSTEM-level privileges.
Functional code that exploits this vulnerability is available as part of the Metasploit framework.
HP has confirmed the vulnerability and released updated software.
The vulnerability exists because the dpwindtb.dll component used by the HP Data Protector Express Domain Server Service process (dpwinsdr.exe) improperly handles user-supplied folder names during folder creation, resulting in a stack-based buffer overflow.
An unauthenticated, remote attacker could exploit this vulnerability by creating a new folder with a crafted name. When the malicious folder name is processed, a memory error condition could occur that could allow the attacker to execute arbitrary code on the system in the security context of the affected process. This process executes with SYSTEM-level privileges.
To exploit this vulnerability, the attacker would need user access to the affected system; however, the default password for the Admin user is empty, enabling a de facto unauthenticated, remote exploit.
This vulnerability has been documented in Alert 25403.
Administrators are advised to apply the appropriate updates.
Administrators are advised to change the default password for the Admin user.
Administrators are advised to enforce strong passwords for local accounts.
Administrators can help protect affected systems from external attacks by using a solid firewall strategy.
Administrators may consider using IP-based access control lists (ACLs) to allow only trusted systems to access the affected systems.
Administrators are advised to monitor affected systems.
HP has released security bulletin c03229235 at the following link: HPSBMU02746 SSRT100781.
HP has released software updates at the following links: