CVE-2009-3844

HP Openview Data Protector Applicatio... - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the OmniInet process in HP OpenView Data Protector Application Recovery Manager 5.50 and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted MSG_PROTOCOL packet.

Exploits (3)

exploitdb WORKING POC VERIFIED

by Metasploit · rubyremotewindows

https://www.exploit-db.com/exploits/16435

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by EgiX · rubyremotewindows

https://www.exploit-db.com/exploits/10715

View Code ZIP pw:eip

metasploit WORKING POC GREAT

rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/hp_omniinet_2.rb

View Code ZIP pw:eip

References (8)

[Mailing List] http://marc.info/?l=bugtraq&m=126029001704529&w=2

[Vendor Advisory] http://secunia.com/advisories/37600

[Vendor Advisory] http://www.vupen.com/english/advisories/2009/3454

[Exploit] http://zerodayinitiative.com/advisories/ZDI-09-091/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/54638

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/508329/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/37250

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1023288

Scores

EPSS 0.7661

EPSS Percentile 99.0%

Details

CWE

CWE-119

Status published

Products (2)

hp/openview_data_protector_application_recovery_manager 5.50

hp/openview_data_protector_application_recovery_manager 6.0

Published Dec 08, 2009

Tracked Since Feb 18, 2026