‘Hewlett-Packard Data Protector Client EXEC_CMD omni_chk_ds.sh Code Execution Vulnerability’
‘The original article can be found at: http://www.zerodayinitiative.com/advisories/ZDI-11-054/‘
* Hewlett-Packard Data Protector
User interaction is not required to exploit this vulnerability.
The specific flaw exists within the filtering of the EXEC_CMD command. The Data Protector client only verifies file names, not their contents. By supplying malicious code within specific script files, arbitrary code execution is possible under the context of the current user.
2009-01-26 – Vulnerability reported to vendor
2011-02-07 – Coordinated public release of advisory’