Vulnerability Details CVE-2011-1866
Buffer overflow in omniinet.exe in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allows remote attackers to execute arbitrary code via a crafted request, related to the EXEC_CMD functionality.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.664
EPSS Ranking 98.5%
CVSS Severity
CVSS v2 Score 10.0
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
- http://secunia.com/advisories/45100
- http://securityreason.com/securityalert/8289
- http://securitytracker.com/id?1025731
- http://www.coresecurity.com/content/HP-Data-Protector-EXECCMD-Vulnerability
- http://www.exploit-db.com/exploits/17461
- http://www.securityfocus.com/archive/1/518666/100/0/threaded
- http://www.securityfocus.com/bid/48488
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68297
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
- http://secunia.com/advisories/45100
- http://securityreason.com/securityalert/8289
- http://securitytracker.com/id?1025731
- http://www.coresecurity.com/content/HP-Data-Protector-EXECCMD-Vulnerability
- http://www.exploit-db.com/exploits/17461
- http://www.securityfocus.com/archive/1/518666/100/0/threaded
- http://www.securityfocus.com/bid/48488
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68297
Products affected by CVE-2011-1866
-
cpe:2.3:a:hp:openview_storage_data_protector:6.00
-
cpe:2.3:a:hp:openview_storage_data_protector:6.10
-
cpe:2.3:a:hp:openview_storage_data_protector:6.11
-
cpe:2.3:a:hp:openview_storage_data_protector:6.20