Trend Micro Security

HP Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability

2015年7月21日
  危険度: : 緊急
  CVE識別番号: CVE-2011-0923

  概要

The client in HP Data Protector does not properly validate EXEC_CMD arguments, which allows remote attackers to execute arbitrary Perl code via a crafted command, related to the "local bin directory."

  トレンドマイクロの対策

Apply associated Trend Micro DPI Rules.

  対応方法

  Trend Micro Deep Security DPI Rule Number: 1004786
  Trend Micro Deep Security DPI Rule Name: 1004786 - HP Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability

  影響を受けるソフトウェア

  • hp data_protector