Stack-based Buffer Overflow in HP OpenView Storage Data Protector
CVE-2011-1734

Currently unrated

Key Information:

Vendor: HP
Status: Openview Storage Data Protector
Vendor: CVE Published:; 7 May 2011

Summary

A stack-based buffer overflow exists in the Backup Client Service of HP OpenView Storage Data Protector versions 6.00, 6.10, and 6.11. This vulnerability can be exploited by sending a specially crafted 'omniiaputil' message, allowing remote attackers to execute arbitrary code on the target system. The flaw poses a significant risk as it can be triggered without authentication, potentially compromising sensitive data and system integrity.

References

http://www.securityfocus.com/archive/1/517770/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://zerodayinitiative.com/advisories/ZDI-11-150/

x_refsource_MISC

http://www.securityfocus.com/bid/47638

vdb-entryx_refsource_BID

EPSS Score

38% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 7, 2011
Vulnerability Reserved
Apr 19, 2011