Computer Security
[EN] securityvulns.ru no-pyccku


HP Data Protector Express privilege escalation
updated since 11.09.2010
Published:17.09.2010
Source:
SecurityVulns ID:11130
Type:remote
Threat Level:
5/10
Description:Buffer overflow in DtbClsLogin
Affected:HP : HP Data Protector Express 3.5
 HP : HP Data Protector Express 4.0
CVE:CVE-2010-3008 (Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 on Windows allows local users to gain privileges or cause a denial of service via unknown vectors, a different vulnerability than CVE-2010-3007.)
 CVE-2010-3007 (Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edition (SSE), 3.x before build 56936 and 4.x before build 56906 allows local users to gain privileges or cause a denial of service via unknown vectors.)
Original documentdocumentZDI, ZDI-10-174: Hewlett-Packard Data Protector DtbClsLogin Utf8cpy Remote Code Execution Vulnerability (17.09.2010)
 documentHP, [security bulletin] HPSBMA02516 SSRT090232 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local (11.09.2010)
 documentHP, [security bulletin] HPSBMA02576 SSRT090231 rev.1 - HP Data Protector Express and HP Data Protector Express Single Server Edition (SSE), Local Denial of Service (DoS), Execution of Arbitrary Code (11.09.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod