880 matches found
CVE-2009-4177
CVE-2009-4177 describes a remote code execution risk in HP OpenView Network Node Manager (NNM) CGI hosting webappmon.exe for OV NNM versions 7.01, 7.51, and 7.53. The vulnerability is a boundary/buffer overflow caused by processing a long HTTP Host header, allowing an attacker to inject and execu...
CVE-2009-4176
Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long 1 userid or 2 passwd parameter to ovlogin.exe...
CVE-2009-4178
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter...
CVE-2009-3848
Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function...
CVE-2009-3846
HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...
CVE-2009-3847
CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...
CVE-2009-4179
CVE-2009-4179 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) ovalarm.exe CGI component that can be triggered by a long Accept-Language header (and OvAcceptLang cookie context) to execute arbitrary code remotely on affected NNM versions (7.01, 7.51, 7.53). The vu...
CVE-2009-4176
CVE-2009-4176 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The vulnerability arises from multiple heap-based buffer overflows in ovsessionmgr.exe and ovlogin.exe when processing HTTP POST inputs, specifically the long userid and passwd parameters, enabling remote code e...
CVE-2009-3845
The port-3443 HTTP server in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts...
[security bulletin] HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01950877 Version: 1 HPSBMA02483 SSRT090257 rev.1 - HP OpenView Network Node Manager OV NNM, Remote Execution of Arbitrary Code NOTICE: The information in this Security Bulletin should be acted up...
ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability
ZDI-09-097: Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-097 December 9, 2009 -- CVE ID: CVE-2009-3849 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network No...
TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability
TPTI-09-09: HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-09 December 9, 2009 -- CVE ID: CVE-2009-4176 -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard OpenView Network Node Manager --...
HP OpenView Network Node Manager CGI programs HTTP Request Buffer Overflow (CVE-2007-6204; CVE-2008-0067)
HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes hundreds of optional modules and components, such as OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. A buffer overflow...
HP OpenView Network Node Manager Ovalarmsrv Service Buffer Overflow (CVE-2008-3545)
HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes hundreds of optional modules and components, for example: OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. There exists a buffer...
HP OpenView Network Node Manager HTTP Handling Buffer Overflow (CVE-2008-1697)
HP OpenView product consists of a suite of network and system management software applications developed by HP. It includes hundreds of optional modules and components, for example: OpenView Quality Manager, OpenView Performance Insight, OpenView Network Node Manager, etc. There exists a buffer...
HP OpenView Network Node Manager Toolbar.exe CGI Buffer Overflow
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP OpenView Netwo...
HP OpenView Network Node Manager CGI Buffer Overflow
$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HP OpenView...
Update Protection against HP OpenView Network Node Manager Denial of Service
A denial of service vulnerability exists in HP OpenView Network Node Manager. The flaw is due to a design weakness when processing crafted packets sent to the server. Remote attackers could exploit this vulnerability by sending a malicious request to the affected TCP port. Successful exploitation...
HP OpenView Network Node Manager Multiple Vulnerabilities
The version of HP OpenView Network Node Manager NNM installed on the remote Windows host is affected by multiple vulnerabilities : - The embedded DB service is affected by a denial of service vulnerability that is triggered when it receives a packet with an error code of less than -1. An...
Code injection
The embedded database engine service aka ovdbrun.exe in HP OpenView Network Node Manager OV NNM 7.51 and 7.53 allows remote attackers to cause a denial of service daemon crash via an invalid Error Code field in a packet...