896 matches found
HP OpenView Storage Data Protector code execution
No description provided...
[security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02781143 Version: 1 HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...
HP Data Protector Manager RDS DOS
This module causes a remote DOS on HP Data Protector's RDS service. By sending a malformed packet to port 1530, rm32.dll causes RDS to crash due to an enormous size for malloc. This module requires Metasploit: https://metasploit.com/download Current source:...
HP Data Protector integer overflow
Data Protector Media Operations DBServer.exe TCP/19813integer overflow is unpatched for over 180 days...
ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability
ZDI-11-112: 0 day Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-112 March 23, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packa...
(0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DBServer.exe process which listens by default on TCP port 19813. While parsing a...
HP Data Protector OmniInet Service NULL Dereference Denial of Service
HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of various components and processes: Cell Manager, OmniInet, backup agents, and backup device servers. The OmniInet process omniinet.exe is...
Update Protection against HP Data Protector Manager RDS Denial of Service
A denial of service vulnerability was reported in HP Data Protector Manager RDS service. The vulnerability is due to a design error while handling packets containing an overly large size value. Remote attackers could exploit this vulnerability by sending a crafted packet to the vulnerable service...
Update Protection against HP Data Protector OmniInet Service Null Dereference Denial of Service
A denial of service vulnerability exists in HP Data Protector OmniInet Service, one of the processes of the HP OpenView Storage Data Protector. Remote attackers could exploit this vulnerability by sending a maliciously crafted request to the target server. Successful exploitation could result in ...
HP Data Protector Client agent EXEC_SETUP code execution
Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...
HP Data Protector Client agent EXEC_SETUP code execution
Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...
HP Data Protector Client agent EXEC_SETUP code execution
Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...
HP Data Protector Client agent EXEC_SETUP code execution
Added: 03/03/2011 CVE: CVE-2011-0922 BID: 46234 OSVDB: 72525 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem The backup agent provided by the Data Protector Backup Client Service may be instructed to execute a setup file from...
HP Data Protector Manager RDS Denial of Service
HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. The Raima Database Server process RDS.EXE runs on the Data Protector Cell Manager and...
ZDI-11-054: Hewlett-Packard Data Protector Client EXEC_CMD omni_chk_ds.sh Remote Code Execution Vulnerability
ZDI-11-054: Hewlett-Packard Data Protector Client EXECCMD omnichkds.sh Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-054 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view...
ZDI-11-055: Hewlett-Packard Data Protector Client EXEC_CMD Perl Remote Code Execution Vulnerability
ZDI-11-055: Hewlett-Packard Data Protector Client EXECCMD Perl Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-055 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view...
ZDI-11-057: Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability
ZDI-11-057: Hewlett-Packard Data Protector Cell Manager Service Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-057 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view...
ZDI-11-056: Hewlett-Packard Data Protector Client EXEC_SETUP Remote Code Execution Vulnerability
ZDI-11-056: Hewlett-Packard Data Protector Client EXECSETUP Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-056 February 7, 2011 - This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. To view mitigations...
CVE-2011-0924
The client in HP Data Protector does not verify the contents of files associated with the EXECCMD command, which allows remote attackers to execute arbitrary script code by providing this code with a trusted filename, as demonstrated by omnichkds.sh...
CVE-2011-0922
The client in HP Data Protector allows remote attackers to execute arbitrary programs via an EXECSETUP command that references a UNC share pathname...