Vigil@nce - HP OpenView Data Protector: denial of service
December 2010 by Marc Jacob
This bulletin was written by Vigil@nce : http://vigilance.fr/
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malicious packet to HP OpenView Data
Protector, in order to stop it.
Severity: 2/4
Creation date: 02/12/2010
DESCRIPTION OF THE VULNERABILITY
The HP OpenView Storage Data Protector product processes data of
an enterprise.
When the Media Management Daemon (mmd.exe, port 1026/tcp) service
receives a malformed packet, a NULL pointer is dereferenced in
OmniBack\bin\MSVCR71.dll.
An attacker can therefore send a malicious packet to HP OpenView
Data Protector, in order to stop it.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/HP-OpenView-Data-Protector-denial-of-service-10172