Showing 1 - 2 of 2

OSVDB: OSVDB-72526

HP Data Protector Arbitrary Remote Command Execution: Posted Aug 7, 2013; Authored by Alessandro Di Pinto, Claudio Moletta; This python script allows execution of a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of executing only a single command without any parameter, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.; tags | exploit, arbitrary, perl, python; advisories | CVE-2011-0923, OSVDB-72526; SHA-256 | f3af687e6ae93d7108daba5565a341cceceb6c51dd70cc03120b8c1910bc8e5c; Download | Favorite | View

HP Data Protector Arbitrary Remote Command Execution: Posted Aug 7, 2013; Authored by Alessandro Di Pinto, Claudio Moletta | Site metasploit.com; This Metasploit module allows execution of a command with an arbitrary number of arguments on Microsoft Windows operating systems. The trick calls a perl.exe interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of execute only a single command without parameters, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.; tags | exploit, arbitrary, perl; systems | windows; advisories | CVE-2011-0923, OSVDB-72526; SHA-256 | 5f0f9f62015fe421d3fb88ace93c276d32b36986aa82809a47927f87e8803536; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days