Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1728

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2011-1728
Last Modified 06 Sep 2011 11:16:27
Published 07 May 2011 03:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2011-1728

Summary

Stack-based buffer overflow in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to execute arbitrary code via a malformed EXEC_BAR message.

Vulnerable Systems

Application

  • Hp Openview Storage Data Protector 6.00

  • Hp Openview Storage Data Protector 6.10

  • Hp Openview Storage Data Protector 6.11


References

MISC - http://zerodayinitiative.com/advisories/ZDI-11-144/

XF - hp-openview-data-code-exec(67201)

SECTRACK - 1025454

BID - 47638

BUGTRAQ - 20110429 ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability

SECUNIA - 44402

OSVDB - 72187

HP - SSRT100474

HP - HPSBMA02668


Last Updated: 27 May 2016 10:56:25