Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiAnonymousAbdulAziz HaririZDI-11-024
HistoryJan 20, 2011 - 12:00 a.m.

Hewlett-Packard Data Protector Cell Manager Remote Code Execution Vulnerabilities

2011-01-2000:00:00
AnonymousAbdulAziz Hariri
www.zerodayinitiative.com
8

0.854 High

EPSS

Percentile

98.6%

JSON

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Data Protector Cell Manager. Authentication is not required to exploit these vulnerabilities. The specific flaws exist within the crs.exe process which listens on a random TCP port. The process fails to properly handle multiple message types and copies user-supplied data into fixed-length buffers. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user.

Related

securityvulns 2
prion 1
cve 1
cvelist 1
nvd 1
nessus 2
securityvulns
securityvulns
HP OpenView Storage Data Protector code execution
2011-01-20 00:00:00
[security bulletin] HPSBMA02625 SSRT100138 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code
2011-01-20 00:00:00
prion
prion
Buffer overflow
2011-01-25 01:00:00
cve
cve
CVE-2011-0273
2011-01-25 01:00:02
cvelist
cvelist
CVE-2011-0273
2011-01-25 00:00:00
nvd
nvd
CVE-2011-0273
2011-01-25 01:00:02
nessus
nessus
HP-UX PHSS_41364 : s700_800 11.X OV DP6.11 HP-UX IA64 - Core patch
2012-03-06 00:00:00
HP-UX PHSS_41363 : s700_800 11.X OV DP6.11 HP-UX PA-Risc - Core patch
2012-03-06 00:00:00

0.854 High

EPSS

Percentile

98.6%

JSON
Related for ZDI-11-024
securityvulns2prion1cve1cvelist1nvd1nessus2