7 matches found
HP Data Protector 8.10 Remote Command Execution Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Data Protector 8.10 Remote Command Execution', 'Description' = %q This...
HP Data Protector 8.10 - Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Data Protector 8.10 Remote Command Execution', 'Description' = %q This module exploits a remote command execution on HP Data...
HP Data Protector 8.10 Remote Command Execution
This module exploits a remote command execution on HP Data Protector 8.10. Arbitrary commands can be executed by sending crafted requests with opcode 28 to the OmniInet service listening on the TCP/5555 port. Since there is a strict length limitation on the command, rundll32.exe is executed, and...
HP Data Protector EXEC_BAR Remote Command Execution
The omniinet service, which runs by default on port 5555, is susceptible to numerous remotely exploitable vulnerabilities. By sending a malicious EXECBAR packet opcode 11, a remote attacker can force the omniinet service to run an arbitrary command. On Windows, the omniinet service is running as...
HP Data Protector - 'EXEC_BAR' Remote Command Execution
import argparse import socket """ Exploit Title: HP Data Protector EXECBAR Remote Command Execution Exploit Author: Chris Graham @cgrahamseven CVE: CVE-2013-2347 Date: February 14, 2014 Vendor Homepage: www.hp.com Version: 6.10, 6.11, 6.20 Tested On: Windows Server 2003, Windows Server 2008 R2...
HP Data Protector - EXEC_BAR Remote Command Execution
HP Data Protector - EXECBAR Remote Command Execution import argparse import socket """ Exploit Title: HP Data Protector EXECBAR Remote Command Execution Exploit Author: Chris Graham @cgrahamseven CVE: CVE-2013-2347 Date: February 14, 2014 Vendor Homepage: www.hp.com Version: 6.10, 6.11, 6.20 Test...
Update Protection against HP Data Protector OmniInet Service Null Dereference Denial of Service
A denial of service vulnerability exists in HP Data Protector OmniInet Service, one of the processes of the HP OpenView Storage Data Protector. Remote attackers could exploit this vulnerability by sending a maliciously crafted request to the target server. Successful exploitation could result in ...