CVE-2013-2332

HP Data Protector (v6.20/v6.21; v7.00/v7.01) is affected by a remote code execution vulnerability in crs.exe (opcode 260) that allows unauthenticated attackers to copy user-supplied data into a fixed-length stack buffer and execute code as SYSTEM. The issue affects the Cell Manager; vulnerable pa...

CVE-2013-2331

HP Data Protector (v6.20/v6.21/v7.00/v7.01) is vulnerable to a remote code execution due to a stack-based buffer overflow in crs.exe when parsing opcode 1092. The issue, ZDI-CAN-1652, allows unauthenticated, remote attackers to execute arbitrary code (SYSTEM context) on vulnerable installations. ...

CVE-2013-2328

CVE-2013-2328 affects HP Storage/Data Protector 6.20/6.21 and 7.00/7.01. A stack-based buffer overflow in crs.exe (within HP Data Protector) when parsing specific opcodes (215 and 263) allows remote code execution. This can occur without authentication and is exploitable over the network, with th...

CVE-2013-2327

HP Data Protector CVE-2013-2327 is a remote code execution flaw in crs.exe (opcode 264). Affected versions: 6.20/6.21 and 7.00/7.01. The vulnerability enables unauthenticated remote code execution with SYSTEM privileges by parsing a crafted opcode on the Cell Manager, listening on a random TCP po...

CVE-2013-2325

HP Data Protector (Storage Data Protector) CVE-2013-2325 affects HP Storage Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/ZeroDay and HP security bulletins describe a stack-based buffer overflow in the Cell Request service (crs.exe) when processing opcode 235, allowing remote attackers ...

CVE-2013-2333

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1680...

CVE-2013-2334

HP Data Protector (Storage Data Protector) XP: CVE-2013-2334 affects HP Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/HP advisories describe a remote code execution risk via unspecified vectors, with the root cause tied to a crash/overflow in crs.exe (Cell Manager) that copies user-supp...

CVE-2013-2326

HP Data Protector CVE-2013-2326 affects Data Protector v6.20/v6.21 and v7.00/v7.01. The root cause is a stack buffer overflow in the Cell Request Service (crs.exe) when processing opcode 234, allowing remote attackers to cause arbitrary code execution. Exploitation is possible remotely and unauth...

CVE-2013-2331

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1652...

CVE-2013-2333

HP Data Protector contains a remote code execution vulnerability (CVE-2013-2333) in the CRS.exe Cell Request Service caused by a stack-based buffer overflow when processing opcode 211. A remote attacker can send a crafted request to the vulnerable CRS service (which listens on a random port) to e...

CVE-2013-2335

HP Data Protector (v6.20/6.21; v7.00/7.01) contains a remote code execution vulnerability in the Cell Request Service crs.exe triggered by opcode 227. The flaw allows a remote attacker to cause a stack buffer overflow and execute arbitrary code with SYSTEM privileges by sending a crafted request ...

CVE-2013-3951

sys/openbsd/stackprotector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the...

CVE-2013-3951

sys/openbsd/stackprotector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the...

HP Data Protector multiple security vulnerabilities

Privilege escalation, code execution, DoS...

[security bulletin] HPSBMU02883 SSRT101227 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03781657 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03781657 Version: 1 HPSBMU02883...

HP Data Protector Create New Folder Buffer Overflow (CVE-2012-0124)

A stack buffer overflow vulnerability has been reported in HP Data Protector 5. The vulnerability is due to insecure handling of file names when creating new folders. An unauthenticated remote attacker can exploit this vulnerability by sending a malicious request to the vulnerable server. A...

HP Data Protector Manager MMD Service Stack Buffer Overflow - Improved Performance

HP OpenView Storage Data Protector is a backup solution tailored for enterprise and distributed environments. The Data Protector environment consists of a Cell Manager, backup agents, and backup device servers. A stack buffer overflow vulnerability has been reported in HP Data Protector manager...

HP Data Protector privilege escalation

No description provided...

[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03570121 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03570121 Version: 2 HPSBMU02830...

CVE-2012-5220

Unspecified vulnerability in HP Storage Data Protector 6.20, 6.21, 7.00, and 7.01 allows local users to gain privileges via unknown vectors...