TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability

TPTI-09-15: HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-15 December 17, 2009 -- CVE ID: CVE-2007-2281 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView -- TippingPointTM IPS Customer...

HP-UX PHSS_39639 : HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (HPSBMA02416 SSRT090008 rev.5)

s700800 11.X OV NNM7.53 PA-RISC Intermediate Patch 23 : Potential vulnerabilities have been identified with HP OpenView Network Node Manager OV NNM. The vulnerabilities could be exploited remotely to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

HP OpenView Storage Data Protector备份客户端服务栈溢出漏洞

BUGTRAQ ID: 37396 CVECAN ID: CVE-2007-2280 HP OpenView Storage Data Protector是可扩展的数据管理解决方案，实现基于磁盘或磁带的高性能备份和恢复功能。 OpenView Storage Data Protector默认绑定在TCP 5555端口上的备份客户端服务守护程序（OmniInet.exe）在处理发送给MSGPROTOCOL命令的超长参数时存在栈溢出漏洞，远程攻击者可以通过提交恶意请求触发这个溢出，导致以服务的权限执行任意代码。 HP OpenView Storage Data Protector 6.0 H...

HP OpenView Storage Data Protector rds.exe服务堆溢出漏洞

BUGTRAQ ID: 37386 CVECAN ID: CVE-2007-2281 HP OpenView Storage Data Protector是可扩展的数据管理解决方案，实现基于磁盘或磁带的高性能备份和恢复功能。 OpenView Storage Data Protector默认绑定在TCP 1530端口上的Cell Manager Database服务（rds.exe）中存在堆溢出漏洞。该服务通过ncp32.NtrpTCPReceiveMsg接收以下格式的套接字数据： 0xB6298C234-byte size....data...

Stack overflow

Stack-based buffer overflow in OmniInet.exe aka the backup client service daemon in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSGPROTOCOL command with long arguments, a different...

Integer overflow

Integer overflow in the ncp32.NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter...

CVE-2007-2281

Integer overflow in the ncp32.NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter...

CVE-2007-2280

Stack-based buffer overflow in OmniInet.exe aka the backup client service daemon in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via an MSGPROTOCOL command with long arguments, a different...

CVE-2007-2281

HP OpenView Storage Data Protector Cell Manager (rds.exe) vulnerable to a heap overflow due to an integer overflow in _ncp32._NtrpTCPReceiveMsg() when processing data on TCP port 1530. The vulnerability exists in HP OpenView Data Protector 5.50 and 6.0, where a large size parameter leads to under...

CVE-2007-2281

Integer overflow in the ncp32.NtrpTCPReceiveMsg function in rds.exe in the Cell Manager Database Service in the Application Recovery Manager component in HP OpenView Storage Data Protector 5.50 and 6.0 allows remote attackers to execute arbitrary code via a large value in the size parameter...

CVE-2007-2280

CVE-2007-2280 describes a stack-based buffer overflow in HP OpenView Data Protector’s OmniInet.exe (Application Recovery Manager component) triggered by long MSG_PROTOCOL requests, enabling remote code execution. Public details in connected documents show Metasploit modules and Exploit-DB entries...

HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request, an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download Current source:...

HP OpenView NNM 7.53, 7.51 OVAS.EXE Pre-Authentication Stack Buffer Overflow

This module exploits a stack buffer overflow in HP OpenView Network Node Manager versions 7.53 and earlier. Specifically this vulnerability is caused by a failure to properly handle user supplied input within the HTTP request including headers and the actual URL GET request. Exploitation is trick...

HP OpenView Network Node Manager多个远程代码执行漏洞

HP OpenView Network Node Manager是一款HP公司开发和维护的网络管理系统软件，具有强大的网络节点管理功能。 HP OpenView Network Node Manager存在多个安全漏洞： CVE-2009-3845： CNCVE ID：CNCVE-20090898 CNCVE-20093845 CNCVE-20093846 CNCVE-20093849 CNCVE-20093848 CNCVE-20094176 CNCVE-20094177 CNCVE-20094178 CNCVE-20094179 CNCVE-20094180 CNCVE-200941...

HP-UX PHSS_36622 : s700_800 11.X OV DP6.00 PA-RISC patch - CORE packet

s700800 11.X OV DP6.00 PA-RISC patch - CORE packet : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with OpenView Data Protector Application Recovery Manager version 5.5 and 6.0. The vulnerability could be exploited remotel...

HP-UX PHSS_36623 : s700_800 11.X OV DP6.00 IA-64 patch - CORE packet

s700800 11.X OV DP6.00 IA-64 patch - CORE packet : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with OpenView Data Protector Application Recovery Manager version 5.5 and 6.0. The vulnerability could be exploited remotely ...

HP-UX PHSS_36799 : s700_800 11.X OV DP5.50 PA RISC patch - CS packet

s700800 11.X OV DP5.50 PA RISC patch - CS packet : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector running on HP-UX, Windows, Linux and Solaris. These vulnerabilities could be exploit...

HP-UX PHSS_36589 : s700_800 11.X OV DP6.00 IA-64 patch - CS packet

s700800 11.X OV DP6.00 IA-64 patch - CS packet : The remote HP-UX host is affected by multiple vulnerabilities : - A potential security vulnerability has been identified with OpenView Data Protector Application Recovery Manager version 5.5 and 6.0. The vulnerability could be exploited remotely to...

HP-UX PHSS_36800 : s700_800 11.23 OV DP5.50 IA-64 patch - CS packet

s700800 11.23 OV DP5.50 IA-64 patch - CS packet : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector running on HP-UX, Windows, Linux and Solaris. These vulnerabilities could be exploite...

HP-UX PHSS_36588 : s700_800 11.X OV DP6.00 PA-RISC patch - CS packet

s700800 11.X OV DP6.00 PA-RISC patch - CS packet : The remote HP-UX host is affected by multiple vulnerabilities : - Potential security vulnerabilities have been identified with HP OpenView Storage Data Protector running on HP-UX, Windows, Linux and Solaris. These vulnerabilities could be exploit...