It is possible to execute code on the remote host through the backup agent.
The remote version of HP OpenView Data Protector is vulnerable to an authentication bypass flaw. By sending specially crafted requests to the remote host, an attacker may be able to execute unauthorized Backup commands. Due to the nature of the software, a successful exploitation of this vulnerability could result in remote code execution.
If this service is not needed, disable it or filter incoming traffic to this port. HP has released a set of patches for Data Protector 5.10 and 5.50: http://itrc.hp.com/service/cki/docDisplay.do?docId=c00742778