HP Data Protector Media Operations DBServer opcode 0x10 Traversal Arbitrary File Access

Medium Nessus Plugin ID 58387


The remote service is affected by a remote directory traversal vulnerability.


HP Data Protector Media Operations is affected by a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Successfully exploiting the issue may allow an attacker to obtain read arbitrary files that could aid in further attacks.


Limit access to this service as there is no known fix currently.

See Also


Plugin Details

Severity: Medium

ID: 58387

File Name: hp_data_protector_0620_path_traversal.nasl

Version: $Revision: 1.7 $

Type: remote

Family: Misc.

Published: 2012/03/19

Modified: 2017/05/16

Dependencies: 17975

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

CPE: cpe:/a:hp:storage_data_protector_media_operations

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2011/11/04

Reference Information

BID: 50531

OSVDB: 76841