Required CVE Record Information
Description
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
References 9 Total
- securityfocus.com: 20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability mailing-list
- osvdb.org: 72195 vdb-entry
- securityfocus.com: 47638 vdb-entry
- h20000.www2.hp.com: HPSBMA02668 vendor-advisory
- h20000.www2.hp.com: SSRT100474 vendor-advisory
- exchange.xforce.ibmcloud.com: openview-data-code-exec(67209) vdb-entry
- secunia.com: 44402 third-party-advisory
- securitytracker.com: 1025454 vdb-entry
- http://zerodayinitiative.com/advisories/ZDI-11-152/
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 9 Total
- securityfocus.com: 20110429 ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability mailing-listx_transferred
- osvdb.org: 72195 vdb-entryx_transferred
- securityfocus.com: 47638 vdb-entryx_transferred
- h20000.www2.hp.com: HPSBMA02668 vendor-advisoryx_transferred
- h20000.www2.hp.com: SSRT100474 vendor-advisoryx_transferred
- exchange.xforce.ibmcloud.com: openview-data-code-exec(67209) vdb-entryx_transferred
- secunia.com: 44402 third-party-advisoryx_transferred
- securitytracker.com: 1025454 vdb-entryx_transferred
- http://zerodayinitiative.com/advisories/ZDI-11-152/ x_transferred