HP Data Protector Client EXEC_CMD Remote Code Execution

Exploit for windows platform in category remote exploits !/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE:...

HP Data Protector Client - EXEC_CMD Remote Code Execution

!/usr/bin/env python Exploit Title: HP Data Protector Client EXECCMD Remote Code Execution Vulnerability Date: 2012-12-06 Exploit Author: Ben Turner Vendor Homepage: www.hp.com Version: 6.11 & 6.20 Tested on: Windows 2003 Server SP2 en CVE: CVE-2011-0922 Notes: ZDI-11-056 Reference:...

HP Data Protector Media Operations Directory Traversal

An information disclosure vulnerability has been reported in HP Data Protector Media Operations server...

HP Data Protector LogClientInstallation Method Userid Field SQL Execution

The HP Data Protector DPNECentral web service listening on this port contains a SQL injection vulnerability because it fails to properly sanitize user-supplied input to the userid field of its LogClientInstallation method before using it in a database query. This may allow an attacker to read and...

HP Data Protector DPNECentral Web Service Detection

HP Data Protector DPNECentral Web Service, a component of HP Data Protector for managing backup policies, is hosted on the remote web server. This service is installed with HP Data Protector for PCs, HP Data Protector Notebook Extension, and possibly other HP Data Protector software. C Tenable...

HP Data Protector Multiple Products RequestCopy SQL Injection (CVE-2011-3158)

An SQL injection vulnerability has been reported in multiple HP Data Protector products...

HP Data Protector 6.1 EXEC_CMD Command Execution

This module exploits HP Data Protector's omniinet process, specifically against a Windows setup. When an EXECCMD packet is sent, omniinet.exe will attempt to look for that user-supplied filename with kernel32!FindFirstFileW. If the file is found, the process will then go ahead execute it with...

HP Data Protector Express 5.x < 5.0.0 Build 59287 / 6.x < 6.0.0 Build 11974 Multiple Vulnerabilities

The version of HP Data Protector Express installed on the remote Windows host is 5.x earlier than 5.0.0 build 59287 or 6.x earlier than 6.0.0 build 11974. As such, it is potentially affected by multiple unspecified denial of service and code execution vulnerabilities. C Tenable Network Security,...

HP Data Protector Express Installed

HP Data Protector Express, a backup application, is installed on the remote Windows host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid58398; scriptversion"1.9"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/10"; scriptnameenglish:"HP Data...

HP Data Protector Multiple Products GetPolicies SQL Injection (CVE-2011-3157)

An SQL injection vulnerability has been reported in multiple HP Data Protector products...

[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service &#40;DoS&#41;, Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03229235 Version: 1 HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service DoS, Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be...

HP Data Protector Multiple Products FinishedCopy SQL Injection (CVE-2011-3162)

An SQL injection vulnerability has been reported in multiple HP Data Protector products...

CVE-2012-0122

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393...

CVE-2012-0121

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392...

CVE-2012-0124

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...

CVE-2012-0123

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498...

Code injection

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1392...

Code injection

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1498...

Code injection

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors, aka ZDI-CAN-1393...

Code injection

Unspecified vulnerability in HP Data Protector Express aka DPX 5.0.00 before build 59287 and 6.0.00 before build 11974 allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors...