Описание
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
Ссылки
- Permissions Required
- Vendor Advisory
- Broken Link
- Third Party Advisory
- Permissions Required
- Vendor Advisory
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:hp-ux:*:*
cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:redhat_enterprise_linux:*:*
cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:solaris:*:*
cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2003:*:*
cpe:2.3:a:hp:storage_data_protector:6.20:-:*:*:*:windows_server_2008:*:*
cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:hp-ux:*:*
cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:redhat_enterprise_linux:*:*
cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:solaris:*:*
cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2003:*:*
cpe:2.3:a:hp:storage_data_protector:6.21:-:*:*:*:windows_server_2008:*:*
EPSS
Процентиль: 99%
0.7679
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
больше 3 лет назад
The Backup Client Service (OmniInet.exe) in HP Storage Data Protector 6.2X allows remote attackers to execute arbitrary commands or cause a denial of service via a crafted EXEC_BAR packet to TCP port 5555, aka ZDI-CAN-1885.
EPSS
Процентиль: 99%
0.7679
Высокий
10 Critical
CVSS2
Дефекты
NVD-CWE-noinfo