HP OpenView Storage Data Protector Code Execution Vulnerabilities

Last Update Date: 3 May 2011 17:51 Release Date: 3 May 2011 6255 Views

RISK: Medium Risk

Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Multiple vulnerabilities have been identified in HP OpenView Storage Data Protector, which could be exploited by remote attackers to gain knowledge of sensitive information or compromise a vulnerable system. These issues are caused by buffer overflows and directory traversal errors in the Backup Client Service (OmniInet.exe) when processing user-supplied packets, which could be exploited by remote unauthenticated attackers to view or download arbitrary files on a vulnerable system or execute arbitrary code with SYSTEM privileges.

Impact

  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • HP OpenView Storage Data Protector version 6.00 (Windows)
  • HP OpenView Storage Data Protector version 6.10 (Windows)
  • HP OpenView Storage Data Protector version 6.11 (Windows)

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Mozilla Products Mulitple Vulnerabilities

3 May 2011 5916 Views

Next

Check Point SSL VPN On-Demand Applications Remote Code Execution Vulnerability

4 May 2011 5814 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY