the original cloud security
Showing 1 - 4 of 4 RSS Feed

CVE-2011-1865

Status Candidate

Overview

Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.

Related Files

HP OmniInet.exe Opcode 20 Buffer Overflow
Posted Jul 4, 2011
Authored by muts, Oren Isacson, corelanc0d3r, sinn3r, dookie2000ca | Site metasploit.com

This Metasploit module exploits a vulnerability found in HP Data Protector's OmniInet process. By supplying a long string of data as the file path with opcode '20', a buffer overflow can occur when this data is being written on the stack where no proper bounds checking is done beforehand, which results arbitrary code execution under the context of SYSTEM. This Metasploit module is also made against systems such as Windows Server 2003 or Windows Server 2008 that have DEP and/or ASLR enabled by default.

tags | exploit, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2011-1865
MD5 | d5941ae7d6cb0b4259d0ff0fa19cc119
HP Security Bulletin HPSBMU02686 SSRT100541 3
Posted Jul 3, 2011
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU02686 SSRT100541 3 - Potential security vulnerabilities has been identified with HP OpenView Storage Data Protector. These vulnerabilities could be remotely exploited to execute arbitrary code. Revision 3 of this advisory.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1866
MD5 | 1f92983b291f5f2c0159161de5dab52e
HP OmniInet.exe Opcode 27 Buffer Overflow
Posted Jul 2, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in the Hewlett-Packard OmniInet NT Service. By sending a specially crafted opcode 27 packet, a remote attacker may be able to execute arbitrary code.

tags | exploit, remote, overflow, arbitrary
advisories | CVE-2011-1865
MD5 | 84c3bef985fb6bcf369e9319c62fe222
Core Security Technologies Advisory 2011.0514
Posted Jun 30, 2011
Authored by Core Security Technologies, Oren Isacson | Site coresecurity.com

Core Security Technologies Advisory - HP Data Protector is an automated backup and recovery software for single-server to enterprise environments. Multiple vulnerabilities have been found in HP Data Protector that could allow a remote attacker to execute arbitrary code and lead to denial of service conditions. The vulnerabilities are triggered by sending a request to port 5555 of a host running the "data protector inet" service, part of HP Data Protector. The request has several parameters, including an opcode. By sending requests with specially crafted parameters, the different bugs can be triggered.

tags | exploit, remote, denial of service, arbitrary, vulnerability
advisories | CVE-2011-1865, CVE-2011-1514, CVE-2011-1515
MD5 | abd37569821fe8444da64f3385882387
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close