Vulnerabilities > CVE-2001-0311 - Local Security vulnerability in HP Hp-Ux and Omniback II

047910
CVSS 4.6 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
hp
exploit available
metasploit
NVD
Published: 2001-06-02
Updated: 2017-10-10

Summary

Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client.

Vulnerable Configurations

Part Description Count
Application
Hp
1
OS
Hp
42

Exploit-Db

  • descriptionHP OpenView OmniBack II Generic Remote Exploit. CVE-2001-0311. Remote exploits for multiple platform
    idEDB-ID:1114
    last seen2016-01-31
    modified2000-12-21
    published2000-12-21
    reporterDiGiT
    sourcehttps://www.exploit-db.com/download/1114/
    titleHP OpenView OmniBack II Generic Remote Exploit
  • descriptionHP OpenView OmniBack II Command Execution. CVE-2001-0311. Remote exploits for multiple platform
    idEDB-ID:16291
    last seen2016-02-01
    modified2010-09-20
    published2010-09-20
    reportermetasploit
    sourcehttps://www.exploit-db.com/download/16291/
    titleHP OpenView OmniBack II Command Execution
  • descriptionHP OpenView OmniBack II A.03.50 Command Executino. CVE-2001-0311. Remote exploits for multiple platform
    idEDB-ID:9942
    last seen2016-02-01
    modified2001-02-28
    published2001-02-28
    reporterH D Moore
    sourcehttps://www.exploit-db.com/download/9942/
    titleHP OpenView OmniBack II A.03.50 - Command Executino

Metasploit

descriptionThis module uses a vulnerability in the OpenView Omniback II service to execute arbitrary commands. This vulnerability was discovered by DiGiT and his code was used as the basis for this module. For Microsoft Windows targets, due to module limitations, use the "unix/cmd/generic" payload and set CMD to your command. You can only pass a small amount of characters (4) to the command line on Windows.
idMSF:EXPLOIT/MULTI/MISC/OPENVIEW_OMNIBACK_EXEC
last seen2020-05-22
modified2017-11-08
published2008-11-13
references
reporterRapid7
sourcehttps://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/multi/misc/openview_omniback_exec.rb
titleHP OpenView OmniBack II Command Execution

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/82266/openview_omniback_exec.rb.txt
idPACKETSTORM:82266
last seen2016-12-05
published2009-10-27
reporterH D Moore
sourcehttps://packetstormsecurity.com/files/82266/HP-OpenView-OmniBack-II-Command-Execution.html
titleHP OpenView OmniBack II Command Execution

Saint

bid11032
descriptionHP OpenView OmniBack directory traversal
idnet_omnibackshell
osvdb6018
titleomniback_dir_traversal
typeremote

References