HP Data Protector Client 6.11 - 'EXEC_CMD' Remote Code Execution

Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability PoC ZDI-11-055 Date: 2011-05-28 Author: @fdiskyou e-mail: rui at deniable.org Version: 6.11 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0923 Notes: ZDI-11-055 Reference:...

HP Data Protector Client Code Execution

Exploit Title: HP Data Protector Client Remote Code Execution Vulnerability PoC ZDI-11-055 Date: 2011-05-28 Coded by: fdisk Version: 6.11 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0923 Notes: ZDI-11-055 Reference: http://www.zerodayinitiative.com/advisories/ZDI-11-055/ Reference:...

HP Data Protector Backup Client Service EXEC_SETUP Code Execution (CVE-2011-0922)

HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The backup agent supports various message types in its communication with clients in...

HP Data Protector < A.06.20 Multiple Vulnerabilities

According to its version and build number, the HP Data Protector application running on the remote host is affected by the following vulnerabilities : - Multiple buffer overflow conditions exist in the Backup Client Service OmniInet.exe that allow an unauthenticated, remote attacker to execute...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

CVE-2011-1730

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECSCRIPT message...

CVE-2011-1728

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECBAR message...

CVE-2011-1735

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed bm message...

CVE-2011-1736

Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GETFILE message...

CVE-2011-1731

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECINTEGUTIL message...

CVE-2011-1733

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed HPFGConfig message...

CVE-2011-1731

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECINTEGUTIL message...

CVE-2011-1732

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message...

CVE-2011-1730

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECSCRIPT message...

CVE-2011-1729

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed GETFILE message...

CVE-2011-1728

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXECBAR message...

Stack overflow

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed stutil message...