CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
41.7%
Added: 06/06/2006
CVE: CVE-2001-0311
BID: 11032
OSVDB: 6018
HP OpenView is a suite of tools for managing networks. The OmniBack component provides backup and restoration capabilities.
A directory traversal vulnerability in the OmniBack service allows a remote attacker to run a command processor outside the defined directory. By specifying the path to a shell interpreter, a remote attacker could gain the ability to execute arbitrary commands.
Apply the patch referenced in HPSBUX0102-142.