CVE-2013-2331

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652...

CVE-2013-2332

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1654...

CVE-2013-2333

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680...

CVE-2013-2334

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1681...

CVE-2013-2335

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1733...

CVE-2013-2325

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1633...

CVE-2013-2330

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1638...

CVE-2013-2333

HP Data Protector contains a remote code execution vulnerability (CVE-2013-2333) in the CRS.exe Cell Request Service caused by a stack-based buffer overflow when processing opcode 211. A remote attacker can send a crafted request to the vulnerable CRS service (which listens on a random port) to e...

CVE-2013-2331

HP Data Protector (v6.20/v6.21/v7.00/v7.01) is vulnerable to a remote code execution due to a stack-based buffer overflow in crs.exe when parsing opcode 1092. The issue, ZDI-CAN-1652, allows unauthenticated, remote attackers to execute arbitrary code (SYSTEM context) on vulnerable installations. ...

CVE-2013-2330

CVE-2013-2330 affects HP Storage/Data Protector. The vulnerability is a stack-based buffer overflow in the Cell Request service (crs.exe) when processing opcode 305, enabling remote arbitrary code execution. Exploitation is unauthenticated and can run with SYSTEM/privileged context on affected Wi...

CVE-2013-2328

CVE-2013-2328 affects HP Storage/Data Protector 6.20/6.21 and 7.00/7.01. A stack-based buffer overflow in crs.exe (within HP Data Protector) when parsing specific opcodes (215 and 263) allows remote code execution. This can occur without authentication and is exploitable over the network, with th...

CVE-2013-2326

HP Data Protector CVE-2013-2326 affects Data Protector v6.20/v6.21 and v7.00/v7.01. The root cause is a stack buffer overflow in the Cell Request Service (crs.exe) when processing opcode 234, allowing remote attackers to cause arbitrary code execution. Exploitation is possible remotely and unauth...

CVE-2013-2332

HP Data Protector (v6.20/v6.21; v7.00/v7.01) is affected by a remote code execution vulnerability in crs.exe (opcode 260) that allows unauthenticated attackers to copy user-supplied data into a fixed-length stack buffer and execute code as SYSTEM. The issue affects the Cell Manager; vulnerable pa...

CVE-2013-2329

HP Data Protector (CRS opcode 259) is affected by a stack-based buffer overflow in crs.exe when processing opcode 259, allowing a remote, unauthenticated attacker to execute arbitrary code. Affected versions include 6.20, 6.21, 7.00, and 7.01; the flaw occurs during parsing of opcode 259 and is e...

CVE-2013-2327

HP Data Protector CVE-2013-2327 is a remote code execution flaw in crs.exe (opcode 264). Affected versions: 6.20/6.21 and 7.00/7.01. The vulnerability enables unauthenticated remote code execution with SYSTEM privileges by parsing a crafted opcode on the Cell Manager, listening on a random TCP po...

CVE-2013-2325

HP Data Protector (Storage Data Protector) CVE-2013-2325 affects HP Storage Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/ZeroDay and HP security bulletins describe a stack-based buffer overflow in the Cell Request service (crs.exe) when processing opcode 235, allowing remote attackers ...

CVE-2013-2324

CVE-2013-2324 affects HP Storage/Data Protector (v6.20/v6.21 and v7.00/v7.01). The Red Hat/HP advisories describe a stack buffer overflow in the CRS service (CRS.exe) triggered by parsing certain opcodes (207, 210, 236, 243, 265). This allows a remote, unauthenticated attacker to run arbitrary co...

CVE-2013-2334

HP Data Protector (Storage Data Protector) XP: CVE-2013-2334 affects HP Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/HP advisories describe a remote code execution risk via unspecified vectors, with the root cause tied to a crash/overflow in crs.exe (Cell Manager) that copies user-supp...

CVE-2013-2335

HP Data Protector (v6.20/6.21; v7.00/7.01) contains a remote code execution vulnerability in the Cell Request Service crs.exe triggered by opcode 227. The flaw allows a remote attacker to cause a stack buffer overflow and execute arbitrary code with SYSTEM privileges by sending a crafted request ...

HP Data Protector multiple security vulnerabilities

Privilege escalation, code execution, DoS...