Exploit HP Data Protector Media Operations 6.11 (Multiple Modules) - Null Pointer Dereference Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
14974
Проверка EDB
  1. Пройдено
Автор
D0LC3
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
N/A
Дата публикации
2010-09-11
HP Data Protector Media Operations 6.11 (Multiple Modules) - Null Pointer Dereference Denial of Service
Код:
#Exploit Title: HP Data Protector Media Operations 6.11 Multiple NULL Pointer Dereference Local DoS (0day)
   
#Date:          11/09/2010   

#Author:        d0lc3   d0lc3x[at]gmail[dom]com 

#Author Link:   http://elotrolad0.blogspot.com/  

#Software Link:    (trial) https://h10078.www1.hp.com/cda/hpdc/navigation.do?
action=downloadBinStart&caid=44914&cp=54_4000_100&zn=bto&filename=B7
129AAE

#Version:       6.11 

#Tested on:     win32 XP SP3 (spa)

#Summary:  
"DBServer.exe" and "DBTools.exe" are prone to local denial of service 
causing a NULL pointer Dereference. 
Correct manipulation of .4DC file format should to allow attackers exploit this
issue to crash application, denying service to legitimate users. Due to the
nature of this issue, attackers may be able to execute local arbitrary
code, but this has not been confirmed.

More details on author blog:

http://elotrolad0.blogspot.com/2010/09/hp-data-protector-media-operations-611.html

by r0i

PoC: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/14974.rar (HP_Data_Protector_Poc.rar)
 
Источник
www.exploit-db.com

Похожие темы