896 matches found
HP Data Protector Express Opcode 0x320 Overflow
Added: 07/23/2012 CVE: CVE-2012-0121 BID: 52431 OSVDB: 80102 Background HP Data Protector Express is a backup and recovery solution for single machines and small networks. Problem A stack overflow vulnerability exists in dpwindtb.dll. Validation of parameters to Opcode 0x320 requests are not...
HP Data Protector Create New Folder Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Data Protector...
HP Data Protector Create New Folder Buffer Overflow
Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...
HP Data Protector - Create New Folder Buffer Overflow (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP Data Protector...
HP Data Protector Create New Folder Buffer Overflow
This module exploits a stack buffer overflow in HP Data Protector 5. The overflow occurs in the creation of new folders, where the name of the folder is handled in a insecure way by the dpwindtb.dll component. While the overflow occurs in the stack, the folder name is split in fragments in this...
HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow
Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...
HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow
Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...
HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow
Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...
HP OpenView Storage Data Protector inet Service EXEC_CMD Remote Overflow
Added: 06/27/2012 CVE: CVE-2011-1866 BID: 48488 OSVDB: 73572 Background HP Data Protector is an automated data backup solution. Problem A buffer overflow vulnerability in omniinet.exe in the inet service of HP OpenView Storage Data Protector allows remote attackers to execute arbitrary commands b...
HP Data Protector Express multiple security vulnerabilities
DoS, code execution...
ZDI-12-096 : HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-096 : HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-096 June 21, 2012 - -- CVE ID: CVE-2012-0122 - -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C - -- Affected...
HP Data Protector Express Opcode 0x320 Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector Express. Authentication is not required to exploit this vulnerability. User interaction is not required to exploit this vulnerability. The specific flaw exists within the...
HP Data Protector Client 6.11 / 6.20 Remote Code Execution
!/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0922 Notes: ZDI-11-056 Reference:...
HP Data Protector Client EXEC_CMD Remote Code Execution
Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE:...
HP Data Protector Client - EXEC_CMD Remote Code Execution
HP Data Protector Client - EXECCMD Remote Code Execution !/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE:...
HP Data Protector Client - EXEC_CMD Remote Code Execution
!/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0922 Notes: ZDI-11-056 Reference:...
HP Data Protector Media Operations Directory Traversal
An information disclosure vulnerability has been reported in HP Data Protector Media Operations server...
HP Data Protector DPNECentral Web Service Detection
HP Data Protector DPNECentral Web Service, a component of HP Data Protector for managing backup policies, is hosted on the remote web server. This service is installed with HP Data Protector for PCs, HP Data Protector Notebook Extension, and possibly other HP Data Protector software. C Tenable...
HP Data Protector LogClientInstallation Method Userid Field SQL Execution
The HP Data Protector DPNECentral web service listening on this port contains a SQL injection vulnerability because it fails to properly sanitize user-supplied input to the userid field of its LogClientInstallation method before using it in a database query. This may allow an attacker to read and...
HP Data Protector Multiple Products RequestCopy SQL Injection (CVE-2011-3158)
An SQL injection vulnerability has been reported in multiple HP Data Protector products...