HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
Schweregrad:: Hoch
CVE Kennungen:: CVE-2011-1736
Hinweisdatum: 21 Juli 2015
Beschreibung
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1004675
Trend Micro Deep Security DPI Rule Name: 1004675 - HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
Betroffene Software und Version:
- hp openview_storage_data_protector 6.00
- hp openview_storage_data_protector 6.10
- hp openview_storage_data_protector 6.11