Test Kennung:	1.3.6.1.4.1.25623.1.0.807814
Kategorie:	General
Titel:	HP Data Protector Multiple Vulnerabilities (Apr 2016)
Zusammenfassung:	HP Data Protector is prone to multiple vulnerabilities.
Beschreibung:	Summary: HP Data Protector is prone to multiple vulnerabilities. Vulnerability Insight: The flaw exists as, - Data Protector does not authenticate users, even with Encrypted Control Communications enabled. - Data Protector contains an embedded SSL private key. - Some other unspecified errors. Vulnerability Impact: Successful exploitation will allow remote attackers to execute arbitrary code on the affected system and also gain access to potentially sensitive information. Affected Software/OS: HP Data Protector before 7.03_108, 8.x before 8.15 and 9.x before 9.06. Solution: Update to version 7.03_108, 8.15, 9.06 or later. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2004 CERT/CC vulnerability note: VU#267328 http://www.kb.cert.org/vuls/id/267328 https://www.exploit-db.com/exploits/39858/ https://www.exploit-db.com/exploits/39874/ http://packetstormsecurity.com/files/137199/HP-Data-Protector-A.09.00-Command-Execution.html http://packetstormsecurity.com/files/137341/HP-Data-Protector-Encrypted-Communication-Remote-Command-Execution.html http://www.securitytracker.com/id/1035631 Common Vulnerability Exposure (CVE) ID: CVE-2016-2005 http://www.zerodayinitiative.com/advisories/ZDI-16-245 Common Vulnerability Exposure (CVE) ID: CVE-2016-2006 http://www.zerodayinitiative.com/advisories/ZDI-16-246 Common Vulnerability Exposure (CVE) ID: CVE-2016-2007 http://www.zerodayinitiative.com/advisories/ZDI-16-247 Common Vulnerability Exposure (CVE) ID: CVE-2016-2008 Common Vulnerability Exposure (CVE) ID: CVE-2015-2808 AIX APAR: IV71888 http://www-01.ibm.com/support/docview.wss?uid=swg1IV71888 AIX APAR: IV71892 http://www-01.ibm.com/support/docview.wss?uid=swg1IV71892 BugTraq ID: 73684 http://www.securityfocus.com/bid/73684 BugTraq ID: 91787 http://www.securityfocus.com/bid/91787 Debian Security Information: DSA-3316 (Google Search) http://www.debian.org/security/2015/dsa-3316 Debian Security Information: DSA-3339 (Google Search) http://www.debian.org/security/2015/dsa-3339 https://security.gentoo.org/glsa/201512-10 HPdes Security Advisory: HPSBGN03338 http://marc.info/?l=bugtraq&m=143456209711959&w=2 HPdes Security Advisory: HPSBGN03354 http://marc.info/?l=bugtraq&m=143629696317098&w=2 HPdes Security Advisory: HPSBGN03366 http://marc.info/?l=bugtraq&m=143818140118771&w=2 HPdes Security Advisory: HPSBGN03367 http://marc.info/?l=bugtraq&m=143817899717054&w=2 HPdes Security Advisory: HPSBGN03372 http://marc.info/?l=bugtraq&m=143817021313142&w=2 HPdes Security Advisory: HPSBGN03399 http://marc.info/?l=bugtraq&m=144060576831314&w=2 HPdes Security Advisory: HPSBGN03402 http://marc.info/?l=bugtraq&m=144069189622016&w=2 HPdes Security Advisory: HPSBGN03403 http://marc.info/?l=bugtraq&m=144104565600964&w=2 HPdes Security Advisory: HPSBGN03405 http://marc.info/?l=bugtraq&m=144060606031437&w=2 HPdes Security Advisory: HPSBGN03407 http://marc.info/?l=bugtraq&m=144102017024820&w=2 HPdes Security Advisory: HPSBGN03414 http://marc.info/?l=bugtraq&m=144059660127919&w=2 HPdes Security Advisory: HPSBGN03415 http://marc.info/?l=bugtraq&m=144059703728085&w=2 HPdes Security Advisory: HPSBMU03345 http://marc.info/?l=bugtraq&m=144043644216842&w=2 HPdes Security Advisory: HPSBMU03377 http://marc.info/?l=bugtraq&m=143741441012338&w=2 HPdes Security Advisory: HPSBMU03401 http://marc.info/?l=bugtraq&m=144104533800819&w=2 HPdes Security Advisory: HPSBUX03512 http://marc.info/?l=bugtraq&m=144493176821532&w=2 HPdes Security Advisory: SSRT102073 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04687922 HPdes Security Advisory: SSRT102127 HPdes Security Advisory: SSRT102129 HPdes Security Advisory: SSRT102133 HPdes Security Advisory: SSRT102150 HPdes Security Advisory: SSRT102254 https://www.blackhat.com/docs/asia-15/materials/asia-15-Mantin-Bar-Mitzvah-Attack-Breaking-SSL-With-13-Year-Old-RC4-Weakness-wp.pdf RedHat Security Advisories: RHSA-2015:1006 http://rhn.redhat.com/errata/RHSA-2015-1006.html RedHat Security Advisories: RHSA-2015:1007 http://rhn.redhat.com/errata/RHSA-2015-1007.html RedHat Security Advisories: RHSA-2015:1020 http://rhn.redhat.com/errata/RHSA-2015-1020.html RedHat Security Advisories: RHSA-2015:1021 http://rhn.redhat.com/errata/RHSA-2015-1021.html RedHat Security Advisories: RHSA-2015:1091 http://rhn.redhat.com/errata/RHSA-2015-1091.html RedHat Security Advisories: RHSA-2015:1228 http://rhn.redhat.com/errata/RHSA-2015-1228.html RedHat Security Advisories: RHSA-2015:1229 http://rhn.redhat.com/errata/RHSA-2015-1229.html RedHat Security Advisories: RHSA-2015:1230 http://rhn.redhat.com/errata/RHSA-2015-1230.html RedHat Security Advisories: RHSA-2015:1241 http://rhn.redhat.com/errata/RHSA-2015-1241.html RedHat Security Advisories: RHSA-2015:1242 http://rhn.redhat.com/errata/RHSA-2015-1242.html RedHat Security Advisories: RHSA-2015:1243 http://rhn.redhat.com/errata/RHSA-2015-1243.html RedHat Security Advisories: RHSA-2015:1526 http://rhn.redhat.com/errata/RHSA-2015-1526.html http://www.securitytracker.com/id/1032599 http://www.securitytracker.com/id/1032600 http://www.securitytracker.com/id/1032707 http://www.securitytracker.com/id/1032708 http://www.securitytracker.com/id/1032734 http://www.securitytracker.com/id/1032788 http://www.securitytracker.com/id/1032858 http://www.securitytracker.com/id/1032868 http://www.securitytracker.com/id/1032910 http://www.securitytracker.com/id/1032990 http://www.securitytracker.com/id/1033071 http://www.securitytracker.com/id/1033072 http://www.securitytracker.com/id/1033386 http://www.securitytracker.com/id/1033415 http://www.securitytracker.com/id/1033431 http://www.securitytracker.com/id/1033432 http://www.securitytracker.com/id/1033737 http://www.securitytracker.com/id/1033769 http://www.securitytracker.com/id/1036222 SuSE Security Announcement: SUSE-SU-2015:1073 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00013.html SuSE Security Announcement: SUSE-SU-2015:1085 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00014.html SuSE Security Announcement: SUSE-SU-2015:1086 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00015.html SuSE Security Announcement: SUSE-SU-2015:1138 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html SuSE Security Announcement: SUSE-SU-2015:1161 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00031.html SuSE Security Announcement: SUSE-SU-2015:1319 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html SuSE Security Announcement: SUSE-SU-2015:1320 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html SuSE Security Announcement: SUSE-SU-2015:2166 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00000.html SuSE Security Announcement: SUSE-SU-2015:2192 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00004.html SuSE Security Announcement: SUSE-SU-2016:0113 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00005.html SuSE Security Announcement: openSUSE-SU-2015:1288 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html SuSE Security Announcement: openSUSE-SU-2015:1289 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html http://www.ubuntu.com/usn/USN-2696-1 http://www.ubuntu.com/usn/USN-2706-1
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.