HP Data Protector Backup Client Service GET_FILE Buffer Overflow (CVE-2011-1729)

A remote code execution vulnerability has been reported in HP Data Protector. The vulnerability is due to insufficient boundary checks of user-supplied parameters in the vulnerable function while handling GETFILE messages. A remote attacker could exploit this vulnerability by sending a malformed...

HP OpenView Storage Data Protector Backup Client Service GET_FILE Message Processing Overflow

Added: 05/09/2011 CVE: CVE-2011-1729 BID: 47638 OSVDB: 72188 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem A remote code execution vulnerability exists in HP Data Protector Backup Client Service due to a buffer overflow in...

CVE-2011-1729

HP OpenView Storage Data Protector Backup Client Service (OmniInet.exe) on Windows is vulnerable to a stack-based buffer overflow when processing GET_FILE messages, enabling remote code execution by unauthenticated attackers. Affected versions include Data Protector 6.00, 6.10, and 6.11. The issu...

ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

ZDI-11-145: HP Data Protector Backup Client Service GETFILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...