896 matches found
HP Data Protector 6.1 EXEC_CMD Command Execution
This module exploits HP Data Protector's omniinet process, specifically against a Windows setup. When an EXECCMD packet is sent, omniinet.exe will attempt to look for that user-supplied filename with kernel32!FindFirstFileW. If the file is found, the process will then go ahead execute it with...
HP Data Protector Express Installed
HP Data Protector Express, a backup application, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58398; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"; scriptnameenglish:"HP Data...
HP Data Protector Express 5.x < 5.0.0 Build 59287 / 6.x < 6.0.0 Build 11974 Multiple Vulnerabilities
The version of HP Data Protector Express installed on the remote Windows host is 5.x earlier than 5.0.0 build 59287 or 6.x earlier than 6.0.0 build 11974. As such, it is potentially affected by multiple unspecified denial of service and code execution vulnerabilities. C Tenable Network Security,...
HP Data Protector Multiple Products FinishedCopy SQL Injection (CVE-2011-3162)
An SQL injection vulnerability has been reported in multiple HP Data Protector products...
HP Data Protector Multiple Products GetPolicies SQL Injection (CVE-2011-3157)
An SQL injection vulnerability has been reported in multiple HP Data Protector products...
[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03229235 Version: 1 HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service DoS, Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...
CVE-2012-0121
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392...
CVE-2012-0123
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498...
CVE-2012-0124
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2012-0122
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393...
Code injection
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392...
Code injection
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498...
Code injection
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393...
Code injection
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2012-0121
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392...
CVE-2012-0122
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393...
CVE-2012-0124
Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2012-0124
CVE-2012-0124 refers to a stack/heap issue in HP Data Protector Express (DPX) 5.x and 6.x prior to build 59287/11974, exploitable via the DPX server’s dpwindtb.dll when creating a new folder. The connected data confirms a concrete flaw in the AddObject path used by the New Folder operation (SVC 0...
CVE-2012-0123
HP Data Protector Express (DPX) versions 5.x before 5.0.0 build 59287 and 6.x before 6.0.0 build 11974 are affected by multiple remote vulnerabilities (CVE-2012-0121/0122/0123/0124) leading to arbitrary code execution or DoS. The root cause is a vulnerability in the Windows service components (dp...
CVE-2012-0122
CVE-2012-0122 affects HP Data Protector Express (DPX) 5.0.00 before build 59287 and 6.0.00 before build 11974. The ZDI advisory details a flaw in the dpwinsdr.exe process that listens on TCP port 3817 and has insufficient bounds checking on user-supplied data, allowing remote, unauthenticated att...