Format string

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

Buffer overflow

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long dataselect1 parameter...

CVE-2011-0270

The CVE-2011-0270 issue affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. A format-string vulnerability in the CGI program nnmRptConfig.exe when processing an HTTP request with a crafted Template name allows remote code execution. Affected platforms include HP-UX, Linux, Solaris, a...

CVE-2011-0268

CVE-2011-0268 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) using the nnmRptConfig.exe component. It affects OV NNM 7.51 and 7.53 and can allow remote attackers to execute arbitrary code by sending a specially crafted long text1 parameter to the affected CGI, as described in m...

CVE-2011-0261

Unspecified vulnerability in jovgraph.exe in jovgraph in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a malformed displayWidth option in the arg parameter...

CVE-2011-0270

Format string vulnerability in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in input data that involves an invalid template name...

CVE-2011-0266

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long nameParams parameter, a different vulnerability than CVE-2011-0267.2...

CVE-2011-0267

Multiple buffer overflows in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long 1 schdParams or 2 nameParams parameter, a different vulnerability than CVE-2011-0266...

CVE-2011-0268

Buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long text1 parameter...

CVE-2011-0263

Multiple stack-based buffer overflows in ovas.exe in the OVAS service in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allow remote attackers to execute arbitrary code via a long 1 Source Node or 2 Destination Node variable...

CVE-2011-0265

Summary of CVE-2011-0265 : HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 contains a buffer overflow in nnmRptConfig.exe that can be triggered by an oversized data_select1 parameter in the CNX CGI interface exposed by the webserver (default port 80). This allows remote code execution wit...

iDefense Security Advisory 01.10.11: HP Network Node Manager Command Injection Vulnerability

iDefense Security Advisory 01.10.11 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 10, 2011 I. BACKGROUND HP Network Node Manager Command Injection Vulnerability HP Network Node Manager NNM is an application suite that is used to map out and manage network topography. NNM runs on a...

[security bulletin] HPSBMA02621 SSRT100352 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02670501 Version: 2 HPSBMA02621 SSRT100352 rev.2 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...

HP OpenView Network Node Manager Multiple RCE Vulnerabilities

HP OpenView Network Node Manager is prone to multiple remote code- execution vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only C...

HP OpenView Network Node Manager code execution

Unfiltered shell characters in CGI scripts allow code execution...

Hewlett-Packard Network Node Manager OVutil.dll Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovutil.dll component which is loaded by the webserver listeni...

Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe nameParams Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default o...

HP OpenView Network Node Manager ovutil.dll stringToSeconds Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw...

Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe nameParams/text1 Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default o...

Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRptConfig.exe CGI which is exposed by the webserver which listens by defaul...