DSquare Exploit Pack: D2SEC_HPNNM6

Name| d2sechpnnm6 ---|--- CVE| CVE-2010-1552 Exploit Pack| D2ExploitPack Description| HP Network Node Manager 7.53 snmpviewer.exe act Variable Stack Overflow Vulnerability Notes|...

Format string

Format string vulnerability in ovetdemandpoll.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter...

Stack overflow

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter...

Stack overflow

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter...

CVE-2010-1551

Stack-based buffer overflow in the OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter...

CVE-2010-1550

CVE-2010-1550 concerns HP OpenView Network Node Manager (NNM) prior to patching, affecting ovet_demandpoll.exe on OV NNM 7.01, 7.51 and 7.53. The vulnerability is a format-string error triggered by the POST variable sel in the ovet_demandpoll.exe process, allowing remote code execution without au...

CVE-2010-1555

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter...

CVE-2010-1552

HP OpenView Network Node Manager (OV NNM) snmpviewer.exe contains a stack-based buffer overflow in the doLoad/CGI handling when processing act and app parameters, enabling remote code execution. Affected products include OV NNM 7.01, 7.51, and 7.53. Public exploit modules exist (e.g., Metasploit ...

CVE-2010-1552

Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters...

CVE-2010-1550

Format string vulnerability in ovetdemandpoll.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter...

CVE-2010-1555

HP OpenView Network Node Manager (OV NNM) is affected by CVE-2010-1555 due to a stack-based buffer overflow when processing the Hostname parameter. Affects OV NNM versions 7.01, 7.51, 7.53 (and observed in 7.50/7.53 in exploits). Root cause: boundary error in getnnmdata.exe during Hostname handl...

ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability

ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-084 May 11, 2010 -- CVE ID: CVE-2010-1553 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager -...

ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability

ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-083 May 11, 2010 -- CVE ID: CVE-2010-1552 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manage...

ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability

ZDI-10-081: HP OpenView NNM ovetdemandpoll sel CGI Variable Format String Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-081 May 11, 2010 -- CVE ID: CVE-2010-1550 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network No...

ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability

ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-086 May 11, 2010 -- CVE ID: CVE-2010-1555 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager...

ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability

ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-085 May 11, 2010 -- CVE ID: CVE-2010-1554 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager -...

HP OpenView Network Node Manage multiple security vulnerabilities

Vulnerabilities in multiple CGI applications...

[security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c02153379 Version: 1 HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...

HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Network Monitor netmon.exe daemon. This process can be started by invoking...

HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the snmpviewer.exe CGI. The doLoad function in this process calls sprintf with...