Back to search
CVE-2011-1736
Published: May 7, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
mailing-list
x_refsource_BUGTRAQ
72195
vdb-entry
x_refsource_OSVDB
47638
vdb-entry
x_refsource_BID
HPSBMA02668
vendor-advisory
x_refsource_HP
SSRT100474
vendor-advisory
x_refsource_HP
openview-data-code-exec(67209)
vdb-entry
x_refsource_XF
44402
third-party-advisory
x_refsource_SECUNIA
1025454
vdb-entry
x_refsource_SECTRACK
http://zerodayinitiative.com/advisories/ZDI-11-152/
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now