AnsweredAssumed Answered

QID 42435 - HP Data Protector 'EXEC_INTEGUTIL' Message Remote Command Execution Vulnerability

Question asked by Jean-Yves HAGUET on Jan 20, 2015

Hi all
For this vulnerability, HP did not published a patch
The mitigation says :
You can enable the encrypted control communication from the command line as root by doing the below.
Please review your configuration and enable it from the command line interface, executing:
# omnicc -encryption -enable
You can read up on the capability on page 145 of the User Guide. That guide is a PDF file, and found in /opt/omni/doc/C

But it's already done ; ex for a specific client having the vulnerability :
C:\Program Files\OmniBack\bin>omnicc -encryption -status ccb1p1
Client activé (CM)
ccb1p1.aixbck.local true true

So, any ideas about the solution ?


Regards

Outcomes