Lucene search
K

896 matches found

Cvelist
Cvelist
added 2018/02/15 10:0 p.m.16 views

CVE-2017-5808

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...

8.2AI score0.16358EPSS
Exploits0References3
CVE
CVE
added 2018/02/15 10:0 p.m.52 views

CVE-2017-5808

CVE-2017-5808 is a Remote Arbitrary Code Execution vulnerability in HP Data Protector, affecting versions prior to 8.17 and 9.09. The issue is exploitable remotely over the network with no user interaction required, and has a high impact on availability (I) per CVSS v3.0 and high overall severity...

7.8CVSS8.1AI score0.16358EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/02/15 10:0 p.m.17 views

CVE-2017-5807

A Remote Arbitrary Code Execution vulnerability in HPE Data Protector version prior to 8.17 and 9.09 was found...

9.7AI score0.22293EPSS
Exploits0References3
CVE
CVE
added 2018/02/15 10:0 p.m.77 views

CVE-2017-5807

CVE-2017-5807 is a Remote Arbitrary Code Execution vulnerability affecting HPE Data Protector versions prior to 8.17 and 9.09. The connected sources indicate an overflow condition that, when triggered by certain input, could allow remote code execution. The issue is categorized with high to criti...

10CVSS9.5AI score0.22293EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/08/11 12:0 a.m.268 views

HP Data Protector 8.x < 8.17 / 9.x < 9.09 Multiple Vulnerabilities (HPSBGN03732)

The version of HP Data Protector installed on the remote host is 8.x prior to 8.17, or 9.x prior to 9.09. It is, therefore, affected by the following vulnerabilities : - HPE Data Protector contains an unspecified overflow condition that is triggered as certain input is not properly validated. Thi...

10CVSS7.2AI score0.22293EPSS
Exploits0References4
CNVD
CNVD
added 2017/08/07 12:0 a.m.3 views

HP Data Protector Software Stack Buffer Overflow Vulnerability

HP Data Protector Software is a suite of unified data protection solutions from Hewlett-Packard HP in the United States. The solution protects data across all physical and virtual environments by utilizing an intelligent data management approach that provides three-party application source, stand...

10CVSS9.6AI score0.22293EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/07 12:0 a.m.2 views

HP Data Protector Software Local Information Disclosure Vulnerability

HP Data Protector Software is a suite of unified data protection solutions from Hewlett-Packard HP in the United States. The solution protects data across all physical and virtual environments by utilizing an intelligent data management approach that provides three-party application source, stand...

5.5CVSS5.7AI score0.01613EPSS
Exploits0References1
CNVD
CNVD
added 2017/08/07 12:0 a.m.4 views

HP Data Protector Software Remote Denial of Service Vulnerability

HP Data Protector Software is a suite of unified data protection solutions from Hewlett-Packard HP in the United States. The solution protects data across all physical and virtual environments by utilizing an intelligent data management approach that provides three-party application source, stand...

7.8CVSS7.4AI score0.16358EPSS
Exploits0References1
Check Point Advisories
Check Point Advisories
added 2016/10/26 12:0 a.m.20 views

HP Data Protector Remote Command Execution (CVE-2016-2004)

An arbitrary command execution vulnerability exists in the HPE Data Protector. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed requests to a HPE Data Protector service. Successful exploitation could lead to arbitrary command execution under the context of...

9.3CVSS3.8AI score0.94297EPSS
Exploits14
Check Point Advisories
Check Point Advisories
added 2016/08/14 12:0 a.m.19 views

HPE Data Protector EXEC_BAR domain Buffer Overflow (CVE-2016-2006)

A buffer overflow vulnerability has been found in the Omnilnet.exe component of HPE Data Protector. This vulnerability is due to lack of boundary checks on the domain field in EXECBAR requests. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed requests to a...

10CVSS9.6AI score0.20412EPSS
Exploits0
Check Point Advisories
Check Point Advisories
added 2016/07/10 12:0 a.m.12 views

HPE Data Protector EXEC_BAR username Buffer Overflow (CVE-2016-2005)

A buffer overflow vulnerability has been found in the OmniInet.exe component of HPE Data Protector. This vulnerability is due to lack of boundary checks on the username field in EXECBAR requests. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed requests to...

10CVSS9.7AI score0.20412EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/07/08 12:0 a.m.41 views

HP Data Protector Encrypted Communications Arbitrary Command Execution Vulnerability

HP Data Protector is prone to an arbitrary command execution vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

9.8CVSS9.6AI score0.94297EPSS
Exploits14References5
Packet Storm
Packet Storm
added 2016/06/07 12:0 a.m.110 views

HP Data Protector Encrypted Communication Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'openssl' class MetasploitModule "HP Data Protector Encrypted Communication Remote Command Execution",...

9.3CVSS0.4AI score0.94297EPSS
Exploits14
Metasploit
Metasploit
added 2016/05/31 9:58 p.m.26 views

HP Data Protector Encrypted Communication Remote Command Execution

This module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executin...

9.8CVSS10AI score0.94297EPSS
Exploits14
Saint
Saint
added 2016/05/31 12:0 a.m.32 views

HP Data Protector missing authentication

Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...

9.3CVSS9.7AI score0.94297EPSS
Exploits14
0day.today
0day.today
added 2016/05/31 12:0 a.m.212 views

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)

Exploit for windows platform in category remote exploits Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested o...

9.3CVSS0.5AI score0.94297EPSS
Exploits14
Exploit DB
Exploit DB
added 2016/05/31 12:0 a.m.69 views

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)

Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested on: Windows Server 2008 CVE : CVE-2016-2004 This module...

9.8CVSS9.6AI score0.94297EPSS
Exploits14
Saint
Saint
added 2016/05/31 12:0 a.m.44 views

HP Data Protector missing authentication

Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...

9.3CVSS9.7AI score0.94297EPSS
Exploits14
exploitpack
exploitpack
added 2016/05/31 12:0 a.m.52 views

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)

HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution Metasploit Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/...

9.3CVSS0.4AI score0.94297EPSS
Exploits14
Saint
Saint
added 2016/05/31 12:0 a.m.48 views

HP Data Protector missing authentication

Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...

9.8CVSS9.7AI score0.94297EPSS
Exploits14
Rows per page
Query Builder