HP Data Protector Media Operations - Null Pointer Dereference Remote Denial of Service

!/usr/bin/python import socket,struct,sys,os SIGN=0x04030201 cmd=0x01000000 def main: if lensys.argv!=2: print"\nx Usage: python "+sys.argv0+" \n" sys.exit0 else: host=sys.argv1,19813 default port TCP/19813 if sys.platform=="win32": os.system"cls" else: os.system"clear" s=socket.socket try:...

HP Data Protector Express DtbClsLogin Stack Buffer Overflow (CVE-2010-3007)

HP OpenView Storage Data Protector is a cross-platform backup solution for Windows, Unix and Linux operating systems. The management console of the Data Protector environment provides quick access to track all Data Protector Express objects, including jobs, media, and scheduling rotation schemes....

HP Data Protector Express < 4.x build 56906 / 3.x build 56936 Multiple Vulnerabilities

HP Data Protector Express is installed on the remote host. The installed version of the software is affected by multiple remote vulnerabilities including a buffer overflow and a NULL pointer deference. An attacker could leverage these vulnerabilities to execute remote code or cause a denial of...

HP - &#039;OmniInet.exe&#039; MSG_PROTOCOL Buffer Overflow (Metasploit) (1)

$Id: hpomniinet2.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

HP - &#039;OmniInet.exe&#039; MSG_PROTOCOL Buffer Overflow (Metasploit) (2)

$Id: hpomniinet1.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

HP Data Protector Express privilege escalation

Buffer overflow in DtbClsLogin...

ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability

ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-174 September 13, 2010 -- CVE ID: CVE-2010-3007 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

CVE-2010-3008

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than...

Code injection

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than...

CVE-2010-3008

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than...

CVE-2010-3008

HP Data Protector Express/Express SSE on Windows is affected by a stack buffer overflow in the DtbClsLogin path (dpwindtb.dll) that copies user input into a stack buffer via Utf8Cpy, leading to local privilege escalation or denial of service. Affected versions are 3.x before build 56936 and 4.x b...

Hewlett-Packard Data Protector Express PrvRecvRqu Remote Denial of Service Vulnerability

This vulnerability allows remote attackers to trigger a denial of service condition on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function PrvRecvRqu defined in the module dpwinsup...

Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the function DtbClsLogin defined in the module dpwindtb.dll on Windows...

HP Data Protector Media Operations 6.11 (Multiple Modules) - Null Pointer Dereference Denial of Service

HP Data Protector Media Operations 6.11 Multiple Modules - Null Pointer Dereference Denial of Service Exploit Title: HP Data Protector Media Operations 6.11 Multiple NULL Pointer Dereference Local DoS 0day Date: 11/09/2010 Author: d0lc3 d0lc3xatgmaildomcom Author Link:...

[security bulletin] HPSBMA02576 SSRT090231 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition &#40;SSE&#41;, Local Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02498535 Version: 1 HPSBMA02576 SSRT090231 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition SSE, Local Denial of Service DoS, Execution of Arbitrary Code...

HP Data Protector Media Operations 6.11 (Multiple Modules) - Null Pointer Dereference Denial of Service

Exploit Title: HP Data Protector Media Operations 6.11 Multiple NULL Pointer Dereference Local DoS 0day Date: 11/09/2010 Author: d0lc3 d0lc3xatgmaildomcom Author Link: http://elotrolad0.blogspot.com/ Software Link: trial https://h10078.www1.hp.com/cda/hpdc/navigation.do?...

CVE-2010-3007

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors...

Code injection

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors...

CVE-2010-3007

Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition SSE, 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors...

CVE-2010-3007

HP Data Protector Express/DP Express SSE is affected by a stack buffer overflow in the DtbClsLogin function (dpwindtb.dll) that can be triggered by supplying crafted input, with vulnerable versions including HP Data Protector 4.0 SP1 and related 3.x/4.x builds; exploitation can yield code executi...