Intrusion Prevention

HP.LeftHand.Virtual.SAN.hydra.Diag.Buffer.Overflow

Description

This indicates an attack attempt against a Buffer Overflow vulnerability in HP LeftHand Virtual SAN Appliance.
The vulnerability is caused by an invalidation input error when handling a malicious Diag request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request.

Affected Products

HP LeftHand Virtual SAN Appliance prior to 10.0

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03661318

CVE References

CVE-2012-3283