ID CVE-2013-2347
Summary The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
References
Vulnerable Configurations
  • cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:hp-ux:*:*
    cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:hp-ux:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:redhat_enterprise_linux:*:*
    cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:redhat_enterprise_linux:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:solaris:*:*
    cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:solaris:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2003:*:*
    cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2003:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2008:*:*
    cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2008:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:hp-ux:*:*
    cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:hp-ux:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:redhat_enterprise_linux:*:*
    cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:redhat_enterprise_linux:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:solaris:*:*
    cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:solaris:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2003:*:*
    cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2003:*:*
  • cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2008:*:*
    cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2008:*:*
CVSS
Base: 10.0 (as of 09-10-2019 - 23:07)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
exploit-db 32164
hp
  • HPSBMU02895
  • SSRT101220
  • SSRT101253
misc
saint via4
bid 64647
description HP Data Protector Backup Client Service EXEC_BAR Packet Vulnerability
osvdb 101626
title hp_data_protector_omniinet_exec_bar
type remote
Last major update 09-10-2019 - 23:07
Published 04-01-2014 - 04:51
Last modified 09-10-2019 - 23:07
Back to Top