CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1346 matches found

Cvelist•added 2009/12/10 10:0 p.m.•28 views

CVE-2009-4178

Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter...

7.9AI score0.86098EPSS

Exploits6References7

Cvelist•added 2009/12/10 10:0 p.m.•17 views

CVE-2009-3848

Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function...

7.8AI score0.19583EPSS

Exploits5References7

Cvelist•added 2009/12/10 10:0 p.m.•23 views

CVE-2009-4177

Buffer overflow in webappmon.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header...

7.7AI score0.19495EPSS

Exploits1References6

CVE•added 2009/12/10 10:0 p.m.•67 views

CVE-2009-3845

HP OpenView Network Node Manager (OV NNM) vulnerable on port 3443 HTTP server for OV NNM versions 7.01, 7.51 and 7.53. The hostname parameter is not properly sanitized in Perl/CGI scripts, allowing remote attackers to inject and execute arbitrary commands. Documented components include setMon.ovp...

10CVSS7.4AI score0.16967EPSS

Exploits2References7Affected Software1

CVE•added 2009/12/10 10:0 p.m.•58 views

CVE-2009-3846

HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...

10CVSS7.5AI score0.25627EPSS

Exploits1References7Affected Software1

CVE•added 2009/12/10 10:0 p.m.•54 views

CVE-2009-4178

CVE-2009-4178 is a documented heap/stack overflow in HP OpenView Network Node Manager’s OvWebHelp.exe CGI Topic handling. Remote attackers could exploit a crafted Topic parameter to execute arbitrary code. Affected versions include OV NNM 7.50/7.53 (and related 7.x builds noted in public advisori...

10CVSS7.8AI score0.86098EPSS

Exploits6References7Affected Software1

CVE•added 2009/12/10 10:0 p.m.•54 views

CVE-2009-3847

CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...

10CVSS7.6AI score0.05521EPSS

Exploits0References4Affected Software1

CVE•added 2009/12/10 10:0 p.m.•60 views

CVE-2009-3849

HP OpenView Network Node Manager (OV NNM) contains a family of stack-based buffer overflows in 7.01, 7.51, and 7.53 that allow remote code execution via a long Template parameter to nnmRptConfig.exe or a long Oid value to snmp.exe. Public references (Metasploit module, Exploit-DB, and advisories)...

10CVSS7.5AI score0.83371EPSS

Exploits5References11Affected Software1

Cvelist•added 2009/12/10 10:0 p.m.•23 views

CVE-2009-3845

The port-3443 HTTP server in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts...

7.5AI score0.16967EPSS

Exploits2References7

CVE•added 2009/12/10 10:0 p.m.•58 views

CVE-2009-4179

CVE-2009-4179 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) ovalarm.exe CGI component that can be triggered by a long Accept-Language header (and OvAcceptLang cookie context) to execute arbitrary code remotely on affected NNM versions (7.01, 7.51, 7.53). The vu...

10CVSS7.7AI score0.77533EPSS

Exploits8References7Affected Software1

CVE•added 2009/12/10 10:0 p.m.•65 views

CVE-2009-4176

CVE-2009-4176 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The vulnerability arises from multiple heap-based buffer overflows in ovsessionmgr.exe and ovlogin.exe when processing HTTP POST inputs, specifically the long userid and passwd parameters, enabling remote code e...

10CVSS7.5AI score0.23542EPSS

Exploits1References7Affected Software1

securityvulns•added 2009/12/10 12:0 a.m.•75 views

TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability

TPTI-09-13: HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-13 December 9, 2009 -- CVE ID: CVE-2009-4180 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

10CVSS1AI score0.31491EPSS

Exploits1

securityvulns•added 2009/12/10 12:0 a.m.•49 views

HP OpenView NNM multiple security vulnerabilities

Multiple vulnerabilities in different CGI applications...

10CVSS1.4AI score0.86098EPSS

Exploits26References10Affected Software1

securityvulns•added 2009/12/10 12:0 a.m.•92 views

[security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01950877 Version: 1 HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...

10CVSS0.1AI score0.86098EPSS

Exploits26

securityvulns•added 2009/12/09 12:0 a.m.•69 views

ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability

ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-097 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network No...

10CVSS1.1AI score0.83371EPSS

Exploits5

securityvulns•added 2009/12/09 12:0 a.m.•80 views

ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities

ZDI-09-094: Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-09-094 December 9, 2009 -- CVE ID: CVE-2009-3845 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

10CVSS0.4AI score0.16967EPSS

Exploits2

securityvulns•added 2009/12/09 12:0 a.m.•107 views

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability

ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-095 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...

10CVSS1AI score0.83371EPSS

Exploits5

Zero Day Initiative•added 2009/12/09 12:0 a.m.•38 views

Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the I...

10CVSS5AI score0.83371EPSS

Exploits5References1

Zero Day Initiative•added 2009/12/09 12:0 a.m.•29 views

Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmp.exe CGI executable accessible via the IIS web...

10CVSS5.3AI score0.83371EPSS

Exploits5References1

securityvulns•added 2009/12/09 12:0 a.m.•32 views

HP OpenView Data Protector Application Recovery Manager DoS

No description provided...

10CVSS1.4AI score0.76606EPSS

Exploits10References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by