Lucene search
Andrea Micalizzi aka rgodZDI-11-326HistoryNov 07, 2011 - 12:00 a.m.
HP Data Protector Notebook Extension Policy Server LogClientInstallation Remote SQL Injection Vulnerabilty
2011-11-0700:00:00
Andrea Micalizzi aka rgod
www.zerodayinitiative.com
12
0.932 High
EPSS
Percentile
99.1%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector Notebook Extension. Authentication is not required to exploit this vulnerability. The flaw exists within the dpnepolicyservice component which exposes a DPNECentral Web Service on TCP port 80. This service contains a method LogClientInstallation which does not properly validate or sanitize the userid field of a user supplied request. This value is later used when constructing a query to fulfill the provided request. A remote attacker can exploit this vulnerability to execute arbitrary queries under the context of the service.
Related
cve
cve
CVE-2011-3156
2011-10-19 15:55:01
checkpoint_advisories
checkpoint_advisories
cvelist
cvelist
CVE-2011-3156
2011-10-19 15:00:00
nessus
nessus
HP Data Protector LogClientInstallation Method Userid Field SQL Execution
2012-03-29 00:00:00
prion
prion
Code injection
2011-10-19 15:55:00
nvd
nvd
CVE-2011-3156
2011-10-19 15:55:01
securityvulns
securityvulns