Lucene search
K
HpStorage Data Protector

24 matches found

CVE
CVE
added 2013/06/06 10:0 a.m.136 views

CVE-2013-2332

HP Data Protector (v6.20/v6.21; v7.00/v7.01) is affected by a remote code execution vulnerability in crs.exe (opcode 260) that allows unauthenticated attackers to copy user-supplied data into a fixed-length stack buffer and execute code as SYSTEM. The issue affects the Cell Manager; vulnerable pa...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.134 views

CVE-2013-2334

HP Data Protector (Storage Data Protector) XP: CVE-2013-2334 affects HP Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/HP advisories describe a remote code execution risk via unspecified vectors, with the root cause tied to a crash/overflow in crs.exe (Cell Manager) that copies user-supp...

10CVSS7.8AI score0.47128EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.125 views

CVE-2013-2328

CVE-2013-2328 affects HP Storage/Data Protector 6.20/6.21 and 7.00/7.01. A stack-based buffer overflow in crs.exe (within HP Data Protector) when parsing specific opcodes (215 and 263) allows remote code execution. This can occur without authentication and is exploitable over the network, with th...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.125 views

CVE-2013-2331

HP Data Protector (v6.20/v6.21/v7.00/v7.01) is vulnerable to a remote code execution due to a stack-based buffer overflow in crs.exe when parsing opcode 1092. The issue, ZDI-CAN-1652, allows unauthenticated, remote attackers to execute arbitrary code (SYSTEM context) on vulnerable installations. ...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.124 views

CVE-2013-2327

HP Data Protector CVE-2013-2327 is a remote code execution flaw in crs.exe (opcode 264). Affected versions: 6.20/6.21 and 7.00/7.01. The vulnerability enables unauthenticated remote code execution with SYSTEM privileges by parsing a crafted opcode on the Cell Manager, listening on a random TCP po...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.122 views

CVE-2013-2325

HP Data Protector (Storage Data Protector) CVE-2013-2325 affects HP Storage Data Protector v6.20/v6.21 and v7.00/v7.01. The Red Hat/ZeroDay and HP security bulletins describe a stack-based buffer overflow in the Cell Request service (crs.exe) when processing opcode 235, allowing remote attackers ...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2014/07/18 1:0 a.m.92 views

CVE-2014-2623

CVE-2014-2623 affects HPE Data Protector 8.x (and related 8.x prior to 8.15 and other lines per later notes) where remote code execution is possible due to lack of authentication in the Data Protector components (e.g., OmniInet/agents). Public evidence includes Metasploit and Exploit-DB entries d...

10CVSS9.5AI score0.89394EPSS
Web
CVE
CVE
added 2014/01/04 2:0 a.m.79 views

CVE-2013-2347

HP Data Protector Backup Client Service (OmniInet.exe) in HP Data Protector 6.2X is vulnerable to remote command execution via the EXEC_BAR opcode (11) sent to TCP port 5555, enabling an attacker to run arbitrary commands or cause a DoS. Public exploits and proofs of concept exist (e.g., Metasplo...

10CVSS7.4AI score0.66409EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.78 views

CVE-2013-6195

CVE-2013-6195 is documented as an unspecified remote vulnerability in HP Storage Data Protector 6.2X that could allow remote code execution or DoS. Connected sources identify HP Data Protector patches and advisories (HPSBMU02895) addressing multiple CVEs, including 2013-6195, with platform-specif...

10CVSS7.8AI score0.10436EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.71 views

CVE-2013-2333

HP Data Protector contains a remote code execution vulnerability (CVE-2013-2333) in the CRS.exe Cell Request Service caused by a stack-based buffer overflow when processing opcode 211. A remote attacker can send a crafted request to the vulnerable CRS service (which listens on a random port) to e...

10CVSS7.6AI score0.89809EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.70 views

CVE-2013-6194

CVE-2013-6194 is an input-validation/directory-traversal vulnerability in HP Data Protector (Backup Client Service) exploited via Opcode 42, enabling remote attackers to write arbitrary files and potentially achieve code execution. Multiple connected advisories (CPAIs) and Nessus/OpenVAS entries ...

10CVSS7.7AI score0.65924EPSS
Web
CVE
CVE
added 2013/06/06 10:0 a.m.67 views

CVE-2013-2330

CVE-2013-2330 affects HP Storage/Data Protector. The vulnerability is a stack-based buffer overflow in the Cell Request service (crs.exe) when processing opcode 305, enabling remote arbitrary code execution. Exploitation is unauthenticated and can run with SYSTEM/privileged context on affected Wi...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.66 views

CVE-2013-2344

HP Storage/Data Protector 6.2X is vulnerable to remote code execution and DoS via the OmniInet/omniinet service (default port 5555). CVE-2013-2344 (ZDI-1866) and related CVEs describe multiple remote vulnerabilities leading to arbitrary code execution or privilege escalation. HP’s security bullet...

10CVSS7.8AI score0.10436EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.66 views

CVE-2013-2348

CVE-2013-2348 affects HP Data Protector (HP Storage/Data Protector Open View Storage Data Protector). The issue exists in the OmniInet.exe Backup Client Service, which listens on TCP port 5555. A remote attacker can send crafted OmniInet messages (opcode 45/46 per ZDI-14-002) to trigger insuffici...

10CVSS7.7AI score0.10436EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.59 views

CVE-2013-2349

CVE-2013-2349 concerns HP Storage Data Protector 6.2X with an unspecified vulnerability that enables remote code execution or a DoS via unknown vectors (ZDI-CAN-1896). Multiple connected advisories reference this family of vulnerabilities affecting HP Data Protector/OpenView Data Protector across...

10CVSS7.8AI score0.10436EPSS
CVE
CVE
added 2015/04/26 10:0 a.m.59 views

CVE-2015-2116

CVE-2015-2116 affects HP Data Protector (Storage Data Protector) 7.x, specifically vulnerable until 7.03 Build 107 (patches to 7.03 Build 107 required after updating from 7.03 Build 105). HP’s Security Bulletin HPSBMU03321 confirms remote privilege escalation, DoS, and arbitrary code execution co...

9CVSS7.6AI score0.04903EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.58 views

CVE-2013-2324

CVE-2013-2324 affects HP Storage/Data Protector (v6.20/v6.21 and v7.00/v7.01). The Red Hat/HP advisories describe a stack buffer overflow in the CRS service (CRS.exe) triggered by parsing certain opcodes (207, 210, 236, 243, 265). This allows a remote, unauthenticated attacker to run arbitrary co...

10CVSS7.8AI score0.39116EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.55 views

CVE-2013-2345

HP Data Protector (Storage Data Protector) 6.2X is affected by CVE-2013-2345, a remote vulnerability enabling arbitrary code execution or DoS. Affected: HP Storage Data Protector v6.2X on HP-UX 11i, Windows Server 2003/2008, Solaris, Linux. Root cause: remote vulnerability with high impact (CVE-2...

10CVSS7.8AI score0.10436EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.53 views

CVE-2013-2326

HP Data Protector CVE-2013-2326 affects Data Protector v6.20/v6.21 and v7.00/v7.01. The root cause is a stack buffer overflow in the Cell Request Service (crs.exe) when processing opcode 234, allowing remote attackers to cause arbitrary code execution. Exploitation is possible remotely and unauth...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.52 views

CVE-2013-2346

CVE-2013-2346 affects HP Storage Data Protector 6.2X (HP OpenView Data Protector). The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors (ZDI-1870). HP published security guidance HPSBMU02895 and patches to resolve the issues, with af...

10CVSS7.8AI score0.10436EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.51 views

CVE-2013-2329

HP Data Protector (CRS opcode 259) is affected by a stack-based buffer overflow in crs.exe when processing opcode 259, allowing a remote, unauthenticated attacker to execute arbitrary code. Affected versions include 6.20, 6.21, 7.00, and 7.01; the flaw occurs during parsing of opcode 259 and is e...

10CVSS7.7AI score0.61043EPSS
CVE
CVE
added 2013/04/26 10:0 a.m.48 views

CVE-2012-5220

CVE-2012-5220 affects HP Storage Data Protector 6.20/6.21/7.00/7.01 with a local privilege-escalation vulnerability. Root cause is described as an unspecified vulnerability allowing local users to gain privileges via unknown vectors. HP’s Security Bulletin HPSBMU02830 lists affected versions and ...

7.2CVSS6.6AI score0.00642EPSS
CVE
CVE
added 2013/06/06 10:0 a.m.45 views

CVE-2013-2335

HP Data Protector (v6.20/6.21; v7.00/7.01) contains a remote code execution vulnerability in the Cell Request Service crs.exe triggered by opcode 227. The flaw allows a remote attacker to cause a stack buffer overflow and execute arbitrary code with SYSTEM privileges by sending a crafted request ...

10CVSS7.8AI score0.61043EPSS
CVE
CVE
added 2014/01/04 2:0 a.m.45 views

CVE-2013-2350

HP Storage Data Protector 6.2X is affected by CVE-2013-2350, with remote attackers able to execute arbitrary code or cause a DoS via unspecified vectors (ZDI-CAN-1897). HP's related security bulletin HPSBMU02895 lists affected platforms and provides patches: HP-UX (PHSS_43780/PHSS_43781), Linux (...

10CVSS7.8AI score0.10436EPSS