CVE-2014-5160

Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavi...

Directory traversal

Multiple directory traversal vulnerabilities in crs.exe in the Cell Request Service in HP Data Protector allow remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. NOTE: the vendor reportedly asserts that this behavi...

CVE-2014-5160

HP Data Protector’s Cell Request Service crs.exe is affected by two directory traversal vulnerabilities (opcode 1091 and 305). The flaws allow remote, unauthenticated attackers to write or delete arbitrary files, with potential code execution in the service context. Affected component is crs.exe ...

PT-2014-6308 · Hewlett Packard · Hp Data Protector

Name of the Vulnerable Software and Affected Versions: HP Data Protector affected versions not specified Description: The issue allows remote attackers to create arbitrary files via an opcode-1091 request, or create or delete arbitrary files via an opcode-305 request. The vendor reportedly assert...

Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1091 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector. Authentication is not required to exploit this vulnerability. The specific flaw exists within crs.exe which listens by default on a random TCP port. When parsing opcode 1091, the...