ngrandbois at microsolved
Oct 2, 2008, 7:37 AM
Post #1 of 2
Both links for more information are "dead" in this plugin.
Links dead in plugin ID 22225
Hole|Synopsis :\n\nIt is possible to execute code on the remote host
through the backup\nagent. \n\nDescription :\n\nThe remote version of HP
OpenView Data Protector is vulnerable to an\nauthentication bypass
vulnerability. By sending specially-crafted\nrequests to the remote
host, an attacker may be able to execute\nunauthorized Backup commands.
Due to the nature of the software, a\nsuccessful exploitation of this
vulnerability could result in remote\ncode execution. \n\nSee also :
\n\nSolution :\n\nIf this service is not needed, disable it or filter
incoming traffic\nto this port. HP has released a set of patches for
Data Protector\n5.10 and
\n\n / CVSS Base Score : 7.5\n(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)\nCVE
: CVE-2006-4201\nBID : 19495\n
 http://www.niscc.gov.uk/niscc/docs/br-20060811-00550.html is a 404.
Of course, the CVE entry and BID are correct. Perhaps updating the link
 to be http://www.kb.cert.org/vuls/id/673228 would be more useful?
Link  could be updated to
which is an URL from HP that does not require registration.
This is a tenable maintained plugin or I would have contacted the author.
Nathan Grandbois, CISSP ngrandbois [at] microsolved
Security Analyst (614) 351-1237 x 212
PGP Key Available by Request
MicroSolved is security expertise you can trust!
HoneyPoint Security Server
Attackers get stung, instead of you!