CVE-2011-3166

HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3166 in the webappmon.exe CGI program, where an insufficient boundary check before a format string leads to a stack overflow and remote code execution. Exploitation is remote and unauthenticated via crafted HTTP requests. Vendor advis...

CVE-2011-3165

HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by multiple remote code execution vulnerabilities (CVE-2011-3165, CVE-2011-3166, CVE-2011-3167) due to insufficient input validation/boundary checks in components such as nnmRptConfig.exe CGI, ov.dll (format string hand...

CVE-2011-3167

HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3167, a remote code execution vulnerability in the ov.dll module. The issue is a stack-based overflow in the internal function _OVBuildPath when processing overly long input via the web CGI flow (long textFile argument to webappmon.ex...

CVE-2011-0270

The CVE-2011-0270 issue affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. A format-string vulnerability in the CGI program nnmRptConfig.exe when processing an HTTP request with a crafted Template name allows remote code execution. Affected platforms include HP-UX, Linux, Solaris, a...

CVE-2011-0268

CVE-2011-0268 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) using the nnmRptConfig.exe component. It affects OV NNM 7.51 and 7.53 and can allow remote attackers to execute arbitrary code by sending a specially crafted long text1 parameter to the affected CGI, as described in m...

CVE-2010-2710

CVE-2010-2710 affects HP OpenView Network Node Manager (NNM) 7.51 and 7.53. The description indicates an unspecified vulnerability that allows remote attackers to execute arbitrary code via unknown vectors. The connected documents corroborate the generic impact but do not provide concrete details...

CVE-2010-2704

HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by a buffer overflow in CGI handling (nnmrptconfig.exe / ov.dll) that can allow remote code execution via a long HTTP request. The CVE-2010-2704 issue is described across multiple sources, noting remote arbitrary-code e...

CVE-2010-1961

CVE-2010-1961 concerns a stack buffer overflow in HP OpenView Network Node Manager (OV NNM) via ovwebsnmpsrv.exe, caused by improper handling of long arguments passed to jovgraph.exe, due to a vulnerable ovutil.dll call (sprintf). Affected products are OV NNM 7.51 and 7.53; exploitation could lea...

CVE-2010-1555

HP OpenView Network Node Manager (OV NNM) is affected by CVE-2010-1555 due to a stack-based buffer overflow when processing the Hostname parameter. Affects OV NNM versions 7.01, 7.51, 7.53 (and observed in 7.50/7.53 in exploits). Root cause: boundary error in getnnmdata.exe during Hostname handl...

Heap overflow

Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager OV NNM 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long 1 userid or 2 passwd parameter...

CVE-2009-3846

HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...

CVE-2009-3847

CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...

CVE-2009-0720

HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53 are affected by CVE-2009-0720, a remote code execution vulnerability via unspecified vectors. Connected sources indicate HP-UX patches PHSS_39246/PHSS_39245 (and equivalent patches for Linux, Solaris, Windows, PA/RH) to resol...

CVE-2009-0921

HP OpenView Network Node Manager (OV NNM) vulnerable to CVE-2009-0921 via heap-based buffer overflows in OvCgi/Toolbar.exe (ov.dll, ovwww.dll) and related components. Affects OV NNM versions 7.01, 7.51, and 7.53. Exploitation involves sending a long OvAcceptLang cookie or a long Accept-Language H...

CVE-2008-4562

CVE-2008-4562 describes a buffer overflow in the HP OpenView Network Node Manager (OV NNM) ovlaunch CGI on Windows, enabling remote code execution via a crafted Host parameter in OV NNM versions 7.01, 7.51, and 7.53. Multiple connected sources (Red Hat advisories and HP patch notes in the Nessus ...

CVE-2008-0068

CVE-2008-0068 describes a directory traversal vulnerability in HP OpenView Network Node Manager (OV NNM) OpenView5.exe, affecting OV NNM versions 7.01, 7.51, and 7.53. The vulnerability allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. HP’s...

HP-UX PHSS_36901 : s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17

s700800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager OV NNM. This vulnerability could be exploited remotely by an unauthorized user to execute...

CVE-2007-1727

HP OpenView Network Node Manager (OV NNM) versions 6.20, 6.4x, 7.01, 7.50, and 7.51 are affected by an unspecified vulnerability that enables remote authenticated users to access certain privileged facilities via unspecified vectors. The NVD entry lists a network-exposed vector with low attack co...

HP-UX PHSS_32781 : HP OpenView Network Node Manager (OV NNM), Remote Unauthorized Privileged Code Execution, Denial of Service (DoS) (HPSBMA01140 SSRT4795, SSRT4797, SSRT4864 rev.2)

s700800 11.X OV NNM6.4x/ET2.0x Patch for Feb-05 : Potential vulnerabilities have been identified with OpenView Network Node Manager OV NNM. These vulnerabilities could be exploited remotely by an unauthorized user to execute privileged code or to cause a Denial of ServiceDoS. %NASLMINLEVEL 70300 ...

HP-UX PHSS_32515 : HP OpenView Network Node Manager (OV NNM), Remote Denial of Service (DoS) (HPSBMA01125 SSRT4829 rev.2)

s700800 11.23 OV NNM7.50 Patch for Dec-04 : A potential vulnerability has been identified with OpenView Network Node Manager OV NNM. The vulnerability could be exploited remotely by an unauthorized user to create a Denial of Service DoS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...