Added: 01/28/2014
CVE: CVE-2013-6194
BID: 64647
OSVDB: 101630
HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments.
A vulnerability in the Backup Client Service (OmniInet.exe) allows remote, unauthenticated attackers to write files to arbitrary locations by sending an opcode 42 request containing a directory traversal attack. This can be leveraged to execute arbitrary commands with SYSTEM privileges.
Apply the patch referenced in HPSBMU02895 SSRT101253.
<http://www.zerodayinitiative.com/advisories/ZDI-14-003/>
Exploit works on HP Data Protector 6.20 on Windows Server 2003 SP2 and Windows XP SP3.
Windows