CVE-2009-3847

Unspecified vulnerability in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors...

DSquare Exploit Pack: D2SEC_HPNNM2

Name| d2sechpnnm2 ---|--- CVE| CVE-2009-3845 Exploit Pack| D2ExploitPack Description| HP Network Node Manager Command Injection Vulnerability Notes|...

DSquare Exploit Pack: D2SEC_HPNNM3

Name| d2sechpnnm3 ---|--- CVE| CVE-2009-3849 Exploit Pack| D2ExploitPack Description| HP Network Node Manager 7.53 Snmp.exe Oid Variable Stack Overflow Vulnerability Notes|...

CVE-2009-4176

Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long 1 userid or 2 passwd parameter to ovlogin.exe...

CVE-2009-4181

Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe...

Design/Logic Flaw

Unspecified vulnerability in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors...

CVE-2009-3846

Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long 1 userid or 2 passwd parameter...

CVE-2009-3848

Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function...

CVE-2009-4178

Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter...

CVE-2009-4177

CVE-2009-4177 describes a remote code execution risk in HP OpenView Network Node Manager (NNM) CGI hosting webappmon.exe for OV NNM versions 7.01, 7.51, and 7.53. The vulnerability is a boundary/buffer overflow caused by processing a long HTTP Host header, allowing an attacker to inject and execu...

CVE-2009-4176

Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long 1 userid or 2 passwd parameter to ovlogin.exe...

CVE-2009-4178

Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter...

CVE-2009-3848

Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function...

CVE-2009-3846

HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...

CVE-2009-3847

CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...

CVE-2009-4179

CVE-2009-4179 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) ovalarm.exe CGI component that can be triggered by a long Accept-Language header (and OvAcceptLang cookie context) to execute arbitrary code remotely on affected NNM versions (7.01, 7.51, 7.53). The vu...

CVE-2009-3845

The port-3443 HTTP server in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts...

CVE-2009-4176

CVE-2009-4176 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The vulnerability arises from multiple heap-based buffer overflows in ovsessionmgr.exe and ovlogin.exe when processing HTTP POST inputs, specifically the long userid and passwd parameters, enabling remote code e...

[security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01950877 Version: 1 HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...

ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability

ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-097 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network No...