896 matches found
CVE-2012-4761
Summary: CVE-2012-4761 affects Safend Data Protector Agent 3.4.5586.9772. The vulnerability arises from an unquoted Service Binary for SDPAgent/SDBAgent, enabling a local attacker to escalate privileges. What’s vulnerable: the Windows service path containing spaces (SDBAgent.exe/SDPAgent.exe) and...
CVE-2012-4761
A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...
CVE-2012-4767
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...
Code injection
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...
CVE-2012-4760
A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges...
CVE-2012-4760
CVE-2012-4760 and CVE-2012-4761 pertain to Safend Data Protector Agent 3.4.5586.9772. The issues involve the SDBAgent/SDPAgent components: (1) WRITE_DAC privileges granted to all local users on the SDBAgent.exe file, enabling a local user to rewrite ACLs and potentially gain full local admin priv...
CVE-2012-4767
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine...
CVE-2012-4767
CVE-2012-4767 concerns Safend Data Protector Agent 3.4.5586.9772, where the securitylayer.log within logs.9972 allegedly exposes a private key, enabling a local attacker to decrypt communications and potentially alter the machine’s security policies. The NVD description states an attacker could d...
Micro Focus (HPE) Data Protector - SUID Privilege Escalation (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus HPE Data Protector SUID Privilege Escalation', 'Description' = %q This module exploits the trusted $PATH environment variable of the...
Micro Focus (HPE) Data Protector SUID Privilege Escalation Exploit
This Metasploit module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus HPE Data Protector versions A.10.40 and below. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attack...
Micro Focus (HPE) Data Protector SUID Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Micro Focus HPE Data Protector SUID Privilege Escalation', 'Description' = %q This module exploits the trusted $PATH environment variable of the...
Micro Focus (HPE) Data Protector SUID Privilege Escalation
This module exploits the trusted $PATH environment variable of the SUID binary omniresolve in Micro Focus HPE Data Protector A.10.40 and prior. The omniresolve executable calls the oracleasm binary using a relative path and the trusted environment $PATH, which allows an attacker to execute a cust...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
Code injection
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges...
CVE-2019-11660
CVE-2019-11660 affects Micro Focus Data Protector (versions 10.00–10.40). A low-privilege user can abuse the SUID binary omniresolve, which calls oracleasm via a relative path using a trusted PATH, to execute a custom binary with root privileges. Impact is local privilege escalation (affecting co...
PT-2019-12462 · Micro Focus · Hp Data Protector
Name of the Vulnerable Software and Affected Versions: Micro Focus Data Protector versions 10.00 through 10.40 Description: The issue allows for privileges manipulation, potentially enabling a low-privileged user to execute a custom binary with higher privileges. Recommendations: For versions 10....
CVE-2019-11660
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. Recent assessments: pbarry-r7 at November 20, 2019 3:15p...
Non Compliant HP Data Protector
...