Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:3E3C1A0E5F6FE849060451134EF2B7B5
HistoryDec 24, 2007 - 12:00 a.m.

HP OpenView Network Node Manager ovlogin.exe buffer overflow

2007-12-2400:00:00
SAINT Corporation
my.saintcorporation.com
14

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.63 Medium

EPSS

Percentile

97.8%

JSON

Added: 12/24/2007
CVE: CVE-2007-6204
BID: 26741
OSVDB: 39529

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sending a long, specially crafted argument to the **ovlogin.exe** CGI program.

Resolution

Apply one of the patches referenced in HPSBMA02281 SSRT061261.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-071.html&gt;

Limitations

Exploit works on HP OpenView Network Node Manager 6.41 on Windows 2000.

Platforms

Windows

Related

packetstorm 2
nessus 5
securityvulns 3
prion 1
saint 3
zdi 1
cve 1
checkpoint_advisories 1
packetstorm
packetstorm
HP OpenView Network Node Manager CGI Buffer Overflow
2009-11-26 00:00:00
HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
2009-12-31 00:00:00
nessus
nessus
HP OpenView Network Node Manager Multiple CGI Remote Overflows
2007-12-07 00:00:00
HP-UX PHSS_36902 : s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17
2007-10-03 00:00:00
HP-UX PHSS_36901 : s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17
2007-10-03 00:00:00
securityvulns
securityvulns
ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows
2007-12-07 00:00:00
[security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager &#40;OV NNM&#41; Remote Unauthorized Execution of Arbitrary Code
2007-12-07 00:00:00
HP OpenView Network Node Manager multiple CGI buffer overflow
2008-04-15 00:00:00
prion
prion
Stack overflow
2007-12-13 21:46:00
saint
saint
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
zdi
zdi
Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities
2007-12-06 00:00:00
cve
cve
CVE-2007-6204
2007-12-13 21:46:00
checkpoint_advisories
checkpoint_advisories
HP OpenView Network Node Manager CGI programs HTTP Request Buffer Overflow (CVE-2007-6204; CVE-2008-0067)
2009-12-06 00:00:00

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.63 Medium

EPSS

Percentile

97.8%

JSON
Related for SAINT:3E3C1A0E5F6FE849060451134EF2B7B5
packetstorm2nessus5securityvulns3prion1saint3zdi1cve1checkpoint_advisories1