HP OpenView Select Access protection bypass

Invalid URL esc-symbols decoding allows user to access protected directory...

[security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBMA01045 REVISION: 0 SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin...

HP OpenView Select Access fails to properly decode UTF-8 encoded unicode characters in URLs

Overview There is a vulnerability in the way HP OpenView Select Access decodes UTF-8 encoded unicode characters in URLs. This vulnerability could allow a remote user to gain access to resources the user would otherwise be unauthorized to access. Description HP OpenView Select Access is a software...

CVE-2003-1494

Unspecified vulnerability in HP OpenView Network Node Manager NNM 6.2 and 6.4 allows remote attackers to cause a denial of service CPU consumption via a crafted TCP packet...

CVE-2003-1493

Memory leak in HP OpenView Network Node Manager NNM 6.2 and 6.4 allows remote attackers to cause a denial of service memory exhaustion via crafted TCP packets...

CVE-2003-0746

Various Distributed Computing Environment DCE implementations, including HP OpenView, allow remote attackers to cause a denial of service process hang or termination via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such a...

CVE-2003-0746

CVE-2003-0746 is a composite DoS entry tied to earlier MS03-026-style DCOM/RPC vulnerabilities (CVE-2003-0352, CVE-2003-0605). Connected sources confirm that multiple DCE/ RPC implementations, notably Microsoft Windows RPCSS/DCOM interfaces, could be overwhelmed by malformed DCERPC messages, with...

CVE-2002-1408

Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to 1 "'read-only' community access," and/or 2 an easily guessable community name...

CVE-2002-1408

CVE-2002-1408 concerns HP OpenView EMANATE 14.2 snmpModules where the SNMP read-write community name can be exposed, related to (1) 'read-only' community access, and/or (2) an easily guessable community name. This exposure could enable unauthorized SNMP read/write access to affected data and conf...

CVE-2002-1408

Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to 1 "'read-only' community access," and/or 2 an easily guessable community name...

CVE-2001-1123

The CVE-2001-1123 vulnerability affects HP OpenView Network Node Manager (NNM) versions 6.2 and earlier. It allows a local attacker to potentially execute arbitrary code due to a suspected buffer overflow when processing a long hostname or object ID, enabling local privilege impact on the host ru...

CVE-2001-1123

Vulnerability in Network Node Manager NNM 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID...

CVE-2001-0629

HP OpenView Network Node Manager 6.1 includes the HP Event Correlation Service (ecsd) vulnerable to a remote privilege escalation due to a buffer overflow in the -restore_config command line parameter. Affected component: ecsd within OpenView/NNM 6.1. Consequence: remote attacker could gain addit...

OpenView Network Node Manager contains vulnerability allowing for privilege escalation

Overview The HP Network Node Manager contains a vulnerability that may allow an attacker to gain elevated privileges. Description The Network Node Manager is a networked systems software management package distributed by Hewlett-Packard. A vulnerability in this software package may allow an...

CVE-2001-1123

Vulnerability in Network Node Manager NNM 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID...

CVE-2001-0552

ovactiond in HP OpenView Network Node Manager NNM 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message...

CVE-2001-0552

ovactiond in HP OpenView Network Node Manager NNM 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message...

CVE-2001-0552

CVE-2001-0552 affects HP OpenView Network Node Manager (NNM) 6.1 and Tivoli NetView (5.x/6.x). The vulnerability arises from ovactiond handling SNMP traps; remote attackers can inject shell metacharacters in a trap message to execute arbitrary commands, gaining the privileges of ovactiond (typica...

Удаленное выполнение команд через HP Openview / Tivoli NetView (remote execution)

При получении определенного snmp-trap данные передаются внешнему приложению через командную строку, при этом не производится проверка shell-символов...

Advisory CA-2001-24

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-24 Vulnerability in OpenView and NetView Original release date: August 15, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems running HP OpenView Network Node...