Exploit the possiblities
Showing 1 - 4 of 4 RSS Feed

CVE-2011-1865

Status Candidate

Overview

Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.

Related Files

HP OmniInet.exe Opcode 20 Buffer Overflow
Posted Jul 4, 2011
Authored by muts, Oren Isacson, corelanc0d3r, sinn3r, dookie2000ca | Site metasploit.com

This Metasploit module exploits a vulnerability found in HP Data Protector's OmniInet process. By supplying a long string of data as the file path with opcode '20', a buffer overflow can occur when this data is being written on the stack where no proper bounds checking is done beforehand, which results arbitrary code execution under the context of SYSTEM. This Metasploit module is also made against systems such as Windows Server 2003 or Windows Server 2008 that have DEP and/or ASLR enabled by default.

tags | exploit, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2011-1865
MD5 | d5941ae7d6cb0b4259d0ff0fa19cc119
HP Security Bulletin HPSBMU02686 SSRT100541 3
Posted Jul 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02686 SSRT100541 3 - Potential security vulnerabilities has been identified with HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code. Revision 3 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1866
MD5 | 1f92983b291f5f2c0159161de5dab52e
HP OmniInet.exe Opcode 27 Buffer Overflow
Posted Jul 2, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted opcode 27 packet, a remote attacker may be able to execute arbitrary code.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2011-1865
MD5 | 84c3bef985fb6bcf369e9319c62fe222
Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
MD5 | abd37569821fe8444da64f3385882387
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    8 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close