HP OpenView Performance Insight Security Bypass and HTML Injection Vulnerabilities

HP OpenView Performance Insight is prone to a security-bypass vulnerability and an HTML-injection vulnerability. An attacker may leverage the HTML-injection issue to inject hostile HTML and script code that would run in the context of the affected site, potentially allowing the attacker to steal...

HP OpenView Performance Insight Security Bypass and HTML Injection Vulnerabilities

HP OpenView Performance Insight is prone to a security-bypass vulnerability and an HTML-injection vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

HP OpenView Performance Insight sendEmail.jsp XSS

The version of HP OpenView Performance Insight running on the remote host has a reflected cross-site scripting vulnerability. Input to the 'bgcolor' parameter of sendEmail.jsp is not properly sanitized. A remote attacker could exploit this by tricking a user into requesting a maliciously crafted...

CVE-2011-2406

Cross-site scripting XSS vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-2407

Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

Code injection

Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors...

CVE-2011-2407

HP OpenView Performance Insight (PI) vulnerability CVE-2011-2407 affects PI versions 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002. The cited OpenVAS entries describe a security-bypass and HTML-injection issue that could allow a remote attacker to obtain access to the affected system. HP’s securit...

CVE-2011-2407

Unspecified vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote attackers to obtain access via unknown vectors...

CVE-2011-2406

HP OpenView Performance Insight (PI) vulnerability CVE-2011-2406 affects PI versions 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002. The issue is a cross‑site scripting (XSS) vulnerability that allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors (documen...

CVE-2011-2406

Cross-site scripting XSS vulnerability in HP OpenView Performance Insight 5.3, 5.31, 5.4, 5.41, 5.41.001, and 5.41.002 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02942411 Version: 1 HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access NOTICE: The information in this Security Bulletin should be acted up...

HP OpenView Performance Insight security vulnerabilities

Crossite scripting, unauthorized access...

HP (OpenView Storage) Data Protector Media Management Daemon DoS Vulnerability

HP OpenView Storage Data Protector Manager is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

HP OpenView Performance Agent DoS

It's possible to remove arbitrary files via TCP/383 HTTP request...

HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow

No description provided by source. $Id: hpnnmtoolbar02.rb 13194 2011-07-16 05:21:20Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow

No description provided by source. $Id: hpnnmtoolbar01.rb 13192 2011-07-16 04:45:21Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build i.e. NNM...

HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Toolbar.exe, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

HP OpenView Network Node Manager Toolbar.exe CGI Cookie Handling BOf

Exploit for windows platform in category remote exploits $Id: hpnnmtoolbar02.rb 13194 2011-07-16 05:21:20Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on...