Zero-Day Advisory
Fortinet Discovers Multiple Vulnerabilities In HP StorageWorks Storage Mirroring Software Log-on Module
Summary
Fortinet's FortiGuard Labs has discovered multiple vulnerabilities in HP StorageWorks Storage Mirroring Software Log-on Module.
Solutions
Use the solution provided by HP.Additional Information
A heap-based buffer overflow vulnerability exists in the HP StorageWorks Storage Mirroring Auto-Discovery Module that can lead to remote code execution. This is due to invalid bounds checking. Attackers can exploit this vulnerability by sending a malformed UDP packet.
References
Acknowledgement
Zhenhua Liu, Junfeng Jia, and Xiaopeng Zhang of Fortinet's FortiGuard Global Security Research Team