ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected...

ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

ZDI-11-145: HP Data Protector Backup Client Service GETFILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...

ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability

ZDI-11-152: HP Data Protector Backup Client Service GETFILE Directory Traversal Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-152 April 29, 2011 -- CVE ID: CVE-2011-1736 -- CVSS: 7.8, AV:N/AC:L/Au:N/C:C/I:N/A:N -- Affected Vendors: Hewlett-Packard -- Affected Products:...

HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability

This vulnerability allows remote attackers directory traversal on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on TCP por...

HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView Data Protector. Authentication is not required to exploit this vulnerability. This specific flaw exists in the Backup Client Service OmniInet.exe. The Backup Client Service listens on T...

[security bulletin] HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02781143 Version: 1 HPSBMA02654 SSRT100441 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted upon as...

HP OpenView Storage Data Protector code execution

No description provided...

HP Data Protector Manager RDS DOS

This module causes a remote DOS on HP Data Protector's RDS service. By sending a malformed packet to port 1530, rm32.dll causes RDS to crash due to an enormous size for malloc. This module requires Metasploit: https://metasploit.com/download Current source:...

HP Data Protector integer overflow

Data Protector Media Operations DBServer.exe TCP/19813integer overflow is unpatched for over 180 days...

ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability

ZDI-11-112: 0 day Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-112 March 23, 2011 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packa...

(0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DBServer.exe process which listens by default on TCP port 19813. While parsing a...

HP Data Protector OmniInet Service NULL Dereference Denial of Service

HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of various components and processes: Cell Manager, OmniInet, backup agents, and backup device servers. The OmniInet process omniinet.exe is...

Update Protection against HP Data Protector Manager RDS Denial of Service

A denial of service vulnerability was reported in HP Data Protector Manager RDS service. The vulnerability is due to a design error while handling packets containing an overly large size value. Remote attackers could exploit this vulnerability by sending a crafted packet to the vulnerable service...