HP OpenView Storage Data Protector 'omniinet.exe' Remote Buffer Overflow Vulnerability

HP OpenView Storage Data Protector is prone to a stack-based buffer-overflow vulnerability because it fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue by sending specially crafted packets to TCP port 5555.

Successful exploits will allow attackers to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions.

HP OpenView Storage Data Protector versions 6.0, 6.10, 6.11 and 6.20 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus