Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-0921

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-0921
Last Modified 14 Feb 2011 12:00:00
Published 08 Feb 2011 08:00:09
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-0921

Summary

crs.exe in the Cell Manager Service in the client in HP Data Protector does not properly validate credentials associated with the hostname, domain, and username, which allows remote attackers to execute arbitrary code by sending unspecified data over TCP, related to the webreporting client, the applet domain, and the java username.

Vulnerable Systems

Application

  • Hp Data Protector


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-057/

VUPEN - ADV-2011-0308

BID - 46234

MISC - http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-hp


Last Updated: 27 May 2016 10:56:06