HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
BID:68856
Info
HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
| Bugtraq ID: | 68856 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 23 2014 12:00AM |
| Updated: | Jul 23 2014 12:00AM |
| Credit: | [email protected] |
| Vulnerable: | |
| Not Vulnerable: | |
Discussion
HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
HP Data Protector is prone to a directory-traversal vulnerability.
Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to creation of an arbitrary file. This may aid to execute remote code in the context of the application.
HP Data Protector is prone to a directory-traversal vulnerability.
Remote attackers can use specially crafted requests with directory-traversal sequences ('../') to creation of an arbitrary file. This may aid to execute remote code in the context of the application.
Exploit / POC
HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
An attacker can use readily available tools to exploit this issue.
An attacker can use readily available tools to exploit this issue.
Solution / Fix
HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
HP Data Protector 'crs.exe' Opcode 1091 Directory Traversal Vulnerability
References:
References: