Showing 1 - 3 of 3

CVE-2014-2623

Status Candidate

Overview

Unspecified vulnerability in HP Storage Data Protector 8.x allows remote attackers to execute arbitrary code via unknown vectors.

HP Data Protector 8.10 Remote Command Execution: Posted Mar 5, 2015; Authored by Christian Ramirez, Henoch Barrera | Site metasploit.com; This Metasploit module exploits a remote command execution on HP Data Protector 8.10. Arbitrary commands can be execute by sending crafted requests with opcode 28 to the OmniInet service listening on the TCP/5555 port. Since there is an strict length limitation on the command, rundll32.exe is executed, and the payload is provided through a DLL by a fake SMB server. This Metasploit module has been tested successfully on HP Data Protector 8.1 on Windows 7 SP1.; tags | exploit, remote, arbitrary, tcp; systems | windows; advisories | CVE-2014-2623; SHA-256 | 89250a8f7dc1b848654aafce5e82ef9c414a66231f1f99459b88ac7a0b954cc9; Download | Favorite | View

HP Security Bulletin HPSBMU03072 3: Posted Nov 18, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU03072 3 - A potential security vulnerability has been identified with HP Data Protector. This vulnerability could be remotely exploited to execute arbitrary code. Revision 3 of this advisory.; tags | advisory, arbitrary; advisories | CVE-2014-2623; SHA-256 | 9da173f7d13011376d0325bd705cfe274d3cffca255633d7ed17afa810ba7d20; Download | Favorite | View

HP Security Bulletin HPSBMU03072 SSRT101644: Posted Jul 16, 2014; Authored by HP | Site hp.com; HP Security Bulletin HPSBMU03072 SSRT101644 - A potential security vulnerability has been identified with HP Data Protector. This vulnerability could be remotely exploited to execute arbitrary code. Revision 1 of this advisory.; tags | advisory, arbitrary; advisories | CVE-2014-2623; SHA-256 | b2ab6e14584863667d15fb117618e07354ef9957457802c05b651e4fba71c1fe; Download | Favorite | View

Page 1 of 1 Back 1 Next