HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
Gravità: : Alto
Identificatori CVE: CVE-2011-1736
Data notifica: 21 luglio 2015
Descrizione
Directory traversal vulnerability in OmniInet.exe in the Backup Client Service in HP OpenView Storage Data Protector 6.00, 6.10, and 6.11 allows remote attackers to read arbitrary files via directory traversal sequences in a filename in a GET_FILE message.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1004675
Trend Micro Deep Security DPI Rule Name: 1004675 - HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability
Software e versione interessati:
- hp openview_storage_data_protector 6.00
- hp openview_storage_data_protector 6.10
- hp openview_storage_data_protector 6.11