CVE-2011-1865 - OpenCVE

Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Hp	Openview Storage Data Protector

Configuration 1 [-]

OR	cpe:2.3:a:hp:openview_storage_data_protector:6.00:::::::*
	cpe:2.3:a:hp:openview_storage_data_protector:6.10:::::::*
	cpe:2.3:a:hp:openview_storage_data_protector:6.11:::::::*
	cpe:2.3:a:hp:openview_storage_data_protector:6.20:::::::*

No data.

References

Link	Providers
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182
http://secunia.com/advisories/45100
http://securityreason.com/securityalert/8288
http://securityreason.com/securityalert/8290
http://securityreason.com/securityalert/8291
http://securityreason.com/securityalert/8295
http://securitytracker.com/id?1025731
http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities
http://www.exploit-db.com/exploits/17458
http://www.exploit-db.com/exploits/17467
http://www.exploit-db.com/exploits/17468
http://www.exploit-db.com/exploits/17490
http://www.securityfocus.com/bid/48486
https://exchange.xforce.ibmcloud.com/vulnerabilities/68281

History

No history.

MITRE

Status: PUBLISHED

Assigner: hp

Published: 2011-07-01T10:00:00

Updated: 2024-08-06T22:45:58.655Z

Reserved: 2011-05-03T00:00:00

Link: CVE-2011-1865

Vulnrichment

No data.

NVD

Status : Modified

Published: 2011-07-01T10:55:02.003

Modified: 2017-08-17T01:34:27.213

Link: CVE-2011-1865

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-06-29T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01", "orgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "shortName": "hp"}, "references": [{"name": "1025731", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1025731"}, {"name": "17467", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17467"}, {"name": "48486", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/48486"}, {"name": "8291", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8291"}, {"name": "17468", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17468"}, {"name": "8288", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8288"}, {"name": "openview-data-ce(68281)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68281"}, {"name": "17490", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17490"}, {"name": "17458", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/17458"}, {"name": "HPSBMU02686", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "45100", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/45100"}, {"name": "SSRT100541", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "8295", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8295"}, {"tags": ["x_refsource_MISC"], "url": "http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities"}, {"name": "8290", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8290"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "hp-security-alert@hp.com", "ID": "CVE-2011-1865", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1025731", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1025731"}, {"name": "17467", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/17467"}, {"name": "48486", "refsource": "BID", "url": "http://www.securityfocus.com/bid/48486"}, {"name": "8291", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8291"}, {"name": "17468", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/17468"}, {"name": "8288", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8288"}, {"name": "openview-data-ce(68281)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68281"}, {"name": "17490", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/17490"}, {"name": "17458", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/17458"}, {"name": "HPSBMU02686", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "45100", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/45100"}, {"name": "SSRT100541", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "8295", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8295"}, {"name": "http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities", "refsource": "MISC", "url": "http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities"}, {"name": "8290", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8290"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:45:58.655Z"}, "title": "CVE Program Container", "references": [{"name": "1025731", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1025731"}, {"name": "17467", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17467"}, {"name": "48486", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/48486"}, {"name": "8291", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8291"}, {"name": "17468", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17468"}, {"name": "8288", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8288"}, {"name": "openview-data-ce(68281)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68281"}, {"name": "17490", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17490"}, {"name": "17458", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/17458"}, {"name": "HPSBMU02686", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "45100", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/45100"}, {"name": "SSRT100541", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"name": "8295", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8295"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities"}, {"name": "8290", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8290"}]}]}, "cveMetadata": {"assignerOrgId": "74586083-13ce-40fd-b46a-8e5d23cfbcb2", "assignerShortName": "hp", "cveId": "CVE-2011-1865", "datePublished": "2011-07-01T10:00:00", "dateReserved": "2011-05-03T00:00:00", "dateUpdated": "2024-08-06T22:45:58.655Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:6.00:*:*:*:*:*:*:*", "matchCriteriaId": "DD25EB53-4062-4054-BBB9-AF0676E86C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:6.10:*:*:*:*:*:*:*", "matchCriteriaId": "2F55A6FD-8104-4A26-A803-F8971AED5940", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:6.11:*:*:*:*:*:*:*", "matchCriteriaId": "42BAF885-79EF-418C-A391-751AA8593E85", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:openview_storage_data_protector:6.20:*:*:*:*:*:*:*", "matchCriteriaId": "B514F739-A2B3-429F-9679-DB5C244135DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the inet service in HP OpenView Storage Data Protector 6.00 through 6.20 allow remote attackers to execute arbitrary code via a request containing crafted parameters."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en el servicio inet en HP OpenView Storage Data Protector v6.00 hasta 6.20 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante una petici\u00f3n que contenga par\u00e1metros manipulados."}], "id": "CVE-2011-1865", "lastModified": "2017-08-17T01:34:27.213", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2011-07-01T10:55:02.003", "references": [{"source": "hp-security-alert@hp.com", "tags": ["Vendor Advisory"], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02872182"}, {"source": "hp-security-alert@hp.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/45100"}, {"source": "hp-security-alert@hp.com", "url": "http://securityreason.com/securityalert/8288"}, {"source": "hp-security-alert@hp.com", "url": "http://securityreason.com/securityalert/8290"}, {"source": "hp-security-alert@hp.com", "url": "http://securityreason.com/securityalert/8291"}, {"source": "hp-security-alert@hp.com", "url": "http://securityreason.com/securityalert/8295"}, {"source": "hp-security-alert@hp.com", "url": "http://securitytracker.com/id?1025731"}, {"source": "hp-security-alert@hp.com", "tags": ["Exploit"], "url": "http://www.coresecurity.com/content/HP-Data-Protector-multiple-vulnerabilities"}, {"source": "hp-security-alert@hp.com", "url": "http://www.exploit-db.com/exploits/17458"}, {"source": "hp-security-alert@hp.com", "url": "http://www.exploit-db.com/exploits/17467"}, {"source": "hp-security-alert@hp.com", "url": "http://www.exploit-db.com/exploits/17468"}, {"source": "hp-security-alert@hp.com", "url": "http://www.exploit-db.com/exploits/17490"}, {"source": "hp-security-alert@hp.com", "url": "http://www.securityfocus.com/bid/48486"}, {"source": "hp-security-alert@hp.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68281"}], "sourceIdentifier": "hp-security-alert@hp.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}