Lucene search
K
HpOpenview Network Node Manager

80 matches found

CVE
CVE
added 2005/09/02 4:0 a.m.1004 views

CVE-2005-2773

CVE-2005-2773 affects HP OpenView Network Node Manager 6.2 through 7.50. The vulnerability enables remote attackers to execute arbitrary commands by injecting shell metacharacters into parameters handled by CGI scripts (connectedNodes.ovpl, cdpView.ovpl, freeIPaddrs.ovpl, ecscmg.ovpl). Public wri...

9.8CVSS7.4AI score0.7409EPSS
In wildWeb
CVE
CVE
added 2011/11/02 5:0 p.m.153 views

CVE-2011-3167

HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3167, a remote code execution vulnerability in the ov.dll module. The issue is a stack-based overflow in the internal function _OVBuildPath when processing overly long input via the web CGI flow (long textFile argument to webappmon.ex...

10CVSS7.6AI score0.66402EPSS
CVE
CVE
added 2010/06/10 12:0 a.m.127 views

CVE-2010-1961

CVE-2010-1961 concerns a stack buffer overflow in HP OpenView Network Node Manager (OV NNM) via ovwebsnmpsrv.exe, caused by improper handling of long arguments passed to jovgraph.exe, due to a vulnerable ovutil.dll call (sprintf). Affected products are OV NNM 7.51 and 7.53; exploitation could lea...

10CVSS7.9AI score0.6911EPSS
Web
CVE
CVE
added 2010/06/17 4:0 p.m.89 views

CVE-2010-1964

CVE-2010-1964: HP OpenView Network Node Manager ovwebsnmpsrv.exe main/ovutil buffer overflows enable remote code execution via long arg to jovgraph.exe (CGI) in OV NNM 7.53 (and 7.51 per description). Root cause is a stack-based overflow with no stack cookies, allowing SEH overwrites when process...

7.5CVSS7.9AI score0.67991EPSS
Web
CVE
CVE
added 2009/02/08 9:0 p.m.81 views

CVE-2008-4562

CVE-2008-4562 describes a buffer overflow in the HP OpenView Network Node Manager (OV NNM) ovlaunch CGI on Windows, enabling remote code execution via a crafted Host parameter in OV NNM versions 7.01, 7.51, and 7.53. Multiple connected sources (Red Hat advisories and HP patch notes in the Nessus ...

10CVSS7.7AI score0.08437EPSS
CVE
CVE
added 2009/02/08 9:0 p.m.79 views

CVE-2008-4560

CVE-2008-4560 affects HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53. The vulnerability is an information disclosure in which remote attackers can obtain sensitive details via: (1) a crafted request to nnmRptConfig.exe CGI, revealing log directory pathnames; and (2) a cra...

7.8CVSS6AI score0.03476EPSS
CVE
CVE
added 2008/04/16 6:0 p.m.77 views

CVE-2008-0068

CVE-2008-0068 describes a directory traversal vulnerability in HP OpenView Network Node Manager (OV NNM) OpenView5.exe, affecting OV NNM versions 7.01, 7.51, and 7.53. The vulnerability allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. HP’s...

5CVSS6.5AI score0.05088EPSS
CVE
CVE
added 2009/02/08 9:0 p.m.76 views

CVE-2008-4559

HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53 are affected by CVE-2008-4559. The issue allows remote code execution via shell metacharacters in argument fields passed to the CGI programs webappmon.exe or OpenView5.exe. This is a remote, unauthenticated vector that could ...

10CVSS7.6AI score0.16387EPSS
CVE
CVE
added 2010/07/27 10:0 p.m.75 views

CVE-2010-2703

CVE-2010-2703: HP OpenView Network Node Manager (NNM) 7.51/7.53 on Windows is affected by a stack-based buffer overflow in ov.dll (execvp_nc) triggered by a long HTTP request to webappmon.exe, allowing remote code execution. Public exploit content references a 16384-byte buffer and a long 'sel' p...

10CVSS7.9AI score0.71381EPSS
Web
CVE
CVE
added 2009/12/10 10:0 p.m.73 views

CVE-2009-4176

CVE-2009-4176 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The vulnerability arises from multiple heap-based buffer overflows in ovsessionmgr.exe and ovlogin.exe when processing HTTP POST inputs, specifically the long userid and passwd parameters, enabling remote code e...

10CVSS7.5AI score0.11794EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.73 views

CVE-2009-4180

HP OpenView Network Node Manager (OV NNM) snmpviewer.exe has a buffer overflow in the CGI Host header handling, allowing remote code execution via a long HTTP Host header on OV NNM 7.01, 7.51, and 7.53. Root cause: boundary/ strcat usage leading to overflow in Host header processing. Impact is re...

10CVSS7.8AI score0.1387EPSS
CVE
CVE
added 2009/11/19 12:0 a.m.71 views

CVE-2009-3840

The CVE-2009-3840 vulnerability affects HP OpenView Network Node Manager (NNM) 7.51 and 7.53. It is caused by a design weakness in processing crafted network packets to the embedded database service (ovdbrun.exe), where an invalid Error Code field can be used by a remote, unauthenticated attacker...

5CVSS6.3AI score0.09342EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.71 views

CVE-2009-3845

HP OpenView Network Node Manager (OV NNM) vulnerable on port 3443 HTTP server for OV NNM versions 7.01, 7.51 and 7.53. The hostname parameter is not properly sanitized in Perl/CGI scripts, allowing remote attackers to inject and execute arbitrary commands. Documented components include setMon.ovp...

10CVSS7.4AI score0.21951EPSS
CVE
CVE
added 2011/11/02 5:0 p.m.71 views

CVE-2011-3166

HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3166 in the webappmon.exe CGI program, where an insufficient boundary check before a format string leads to a stack overflow and remote code execution. Exploitation is remote and unauthenticated via crafted HTTP requests. Vendor advis...

10CVSS7.7AI score0.12003EPSS
CVE
CVE
added 2008/02/06 8:0 p.m.70 views

CVE-2008-0212

HP OpenView Network Node Manager (OV NNM) vulnerable to remote denial of service via ovtopmd by sending a crafted TCP stream on port 2532. Affected versions include 6.41, 7.01, and 7.51. Root cause is an out-of-bounds memory access in ovtopmd when parsing the TCP stream. Exploitation requires no ...

7.8CVSS6.3AI score0.04443EPSS
CVE
CVE
added 2010/05/13 5:0 p.m.70 views

CVE-2010-1553

CVE-2010-1553 affects HP OpenView Network Node Manager (OV NNM) via a stack-based buffer overflow in the CGI endpoint getnnmdata.exe when processing a crafted MaxAge parameter. Affected versions include OV NNM 7.01, 7.51, and 7.53. The vulnerability allows remote attackers to execute arbitrary co...

10CVSS8AI score0.72168EPSS
Web
CVE
CVE
added 2009/06/11 3:0 p.m.68 views

CVE-2009-1420

HP OpenView Network Node Manager (OV NNM) on Linux contains a stack-based buffer overflow in the rping component that affects OV NNM 7.53 (and 7.51) when SNMP/MIB are used. The issue can allow remote code execution or end-to-end impact (DoS) via unspecified vectors, with some sources noting a CGI...

10CVSS8.2AI score0.1345EPSS
CVE
CVE
added 2009/07/02 10:0 a.m.68 views

CVE-2009-2298

CVE-2009-2298 describes a stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) rping on Linux, affecting NNM 7.53. The flaw arises in the rping component and can be triggered by remote crafted input (potentially via an HTTP/G CGI vector), allowing arbitrary code execution with...

7.5CVSS8.2AI score0.06433EPSS
CVE
CVE
added 2010/08/05 6:0 p.m.68 views

CVE-2010-2709

Summary (CVE-2010-2709) : A stack-based buffer overflow in the HP OpenView Network Node Manager (NNM) CGI component webappmon.exe, triggered by a crafted OvJavaLocale cookie, allows remote code execution. Affected products/versions: OV NNM 7.51 and 7.53 (and likely older releases). The vulnerabil...

9.3CVSS7.9AI score0.42261EPSS
Web
CVE
CVE
added 2009/01/08 7:0 p.m.67 views

CVE-2008-0067

HP OpenView Network Node Manager (OV NNM) contains a CGI buffer overflow in Toolbar.exe (and related CGI programs) that allows remote code execution via crafted HTTP requests. CVE-2008-0067 affects OV NNM versions referenced in the records (notably 7.50/7.53) and has been demonstrated in Metasplo...

10CVSS7.6AI score0.63419EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.67 views

CVE-2009-4179

CVE-2009-4179 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) ovalarm.exe CGI component that can be triggered by a long Accept-Language header (and OvAcceptLang cookie context) to execute arbitrary code remotely on affected NNM versions (7.01, 7.51, 7.53). The vu...

10CVSS7.7AI score0.66973EPSS
Web
CVE
CVE
added 2010/05/13 5:0 p.m.67 views

CVE-2010-1552

HP OpenView Network Node Manager (OV NNM) snmpviewer.exe contains a stack-based buffer overflow in the doLoad/CGI handling when processing act and app parameters, enabling remote code execution. Affected products include OV NNM 7.01, 7.51, and 7.53. Public exploit modules exist (e.g., Metasploit ...

10CVSS8AI score0.68892EPSS
Web
CVE
CVE
added 2009/12/10 10:0 p.m.66 views

CVE-2009-3849

HP OpenView Network Node Manager (OV NNM) contains a family of stack-based buffer overflows in 7.01, 7.51, and 7.53 that allow remote code execution via a long Template parameter to nnmRptConfig.exe or a long Oid value to snmp.exe. Public references (Metasploit module, Exploit-DB, and advisories)...

10CVSS7.5AI score0.73694EPSS
Web
CVE
CVE
added 2010/05/13 5:0 p.m.66 views

CVE-2010-1554

HP OpenView Network Node Manager (NNM) getnnmdata.exe CGI accepts a crafted ICount parameter, triggering a stack-based buffer overflow that can allow remote code execution. Affected products appear in 7.01, 7.51, 7.53 (per initial CVE entry); separate exploit references describe exploitation for ...

10CVSS8AI score0.67786EPSS
Web
CVE
CVE
added 2011/11/02 5:0 p.m.66 views

CVE-2011-3165

HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by multiple remote code execution vulnerabilities (CVE-2011-3165, CVE-2011-3166, CVE-2011-3167) due to insufficient input validation/boundary checks in components such as nnmRptConfig.exe CGI, ov.dll (format string hand...

10CVSS7.8AI score0.12003EPSS
CVE
CVE
added 2007/12/13 9:0 p.m.65 views

CVE-2007-6204

CVE-2007-6204 is a stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) affecting 6.41, 7.01, and 7.51. The flaw allows remote attackers to execute arbitrary code by sending overly long arguments to CGI programs, including ovlogin.exe, OpenView5.exe, snmpviewer.exe, and webapp...

10CVSS7.5AI score0.69613EPSS
Web
CVE
CVE
added 2010/05/13 5:0 p.m.65 views

CVE-2010-1551

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on multiple OSes is affected by a stack-based buffer overflow in the _OVParseLLA function of ov.dll within netmon.exe, triggered by the sel POST parameter, allowing remote code execution. The vulnerability is exploitable via crafted H...

10CVSS8.1AI score0.13078EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.64 views

CVE-2009-4181

HP OpenView Network Node Manager (NNM) ivovwebsnmpsrv.exe vulnerability (CVE-2009-4181) in the ovwebsnmpsrv.exe component allows remote code execution by sending crafted sel and arg parameters to jovgraph.exe (CGI). Affected NNM versions include 7.01, 7.51, and 7.53. The root cause is a stack-bas...

10CVSS7.7AI score0.1086EPSS
CVE
CVE
added 2010/06/10 12:0 a.m.64 views

CVE-2010-1960

CVE-2010-1960 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) ovwebsnmpsrv.exe. The flaw occurs in handling HTTP requests to the jovgraph.exe CGI, allowing a remote attacker to execute arbitrary code via a crafted long option to jovgraph.exe. Affected are OV NNM versions around ...

10CVSS7.8AI score0.6911EPSS
Web
CVE
CVE
added 2011/01/13 6:35 p.m.63 views

CVE-2011-0264

CVE-2011-0264 : Stack-based buffer overflow in ovutil.dll of HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote code execution via a long COOKIE variable. The flaw is triggered by handling user-supplied COOKIE data and can execute code with the web server’s privileges (Windows ...

10CVSS8AI score0.17101EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.63 views

CVE-2011-0267

Summary of CVE-2011-0267 (HP OpenView NNM): The vulnerability affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 and is associated with the nnmRptConfig.exe component. Affected functionality involves two parameters, schdParams and nameParams, where an overly long input can trigger a ...

10CVSS7.6AI score0.7166EPSS
Web
CVE
CVE
added 2008/04/16 5:0 p.m.62 views

CVE-2008-1842

The CVE-2008-1842 issue affects HP OpenView Network Node Manager (OV NNM) v8.01 and earlier (7.53 and older), where ovspmd.exe mishandles a long TCP request to port 8886. The described integer signedness error can cause a heap-based buffer overflow, enabling a remote attacker to crash the daemon ...

10CVSS7.7AI score0.12193EPSS
CVE
CVE
added 2008/09/03 2:0 p.m.62 views

CVE-2008-3536

CVE-2008-3536 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 where ovalarmsrv is the vulnerable component. The vulnerability allows remote denial of service via unknown vectors (per the CVE description). HP’s security bulletin HPSBMA02362 lists remediation: patches/phases ...

7.8CVSS6.2AI score0.04674EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.62 views

CVE-2009-3846

HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...

10CVSS7.5AI score0.1387EPSS
CVE
CVE
added 2010/05/13 5:0 p.m.62 views

CVE-2010-1550

CVE-2010-1550 concerns HP OpenView Network Node Manager (NNM) prior to patching, affecting ovet_demandpoll.exe on OV NNM 7.01, 7.51 and 7.53. The vulnerability is a format-string error triggered by the POST variable sel in the ovet_demandpoll.exe process, allowing remote code execution without au...

10CVSS7.6AI score0.11769EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.62 views

CVE-2011-0262

CVE-2011-0262 is a remote-code-execution buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51/7.53, triggered by oversized parameters to jovgraph.exe via ovwebsnmpsrv.exe’s stringToSeconds in ovutil.dll. The vulnerability is exploitable over the network through crafted HTTP requests ...

10CVSS7.8AI score0.17101EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.62 views

CVE-2011-0266

CVE-2011-0266 relates to HP OpenView Network Node Manager (OV NNM) where a buffer overflow in nnmRptConfig.exe is triggered by a long nameParams parameter, leading to remote code execution. The initial CVE description specifies OV NNM versions 7.51 and 7.53 as affected. Connected documents show p...

10CVSS7.8AI score0.70111EPSS
Web
CVE
CVE
added 2010/05/13 5:0 p.m.61 views

CVE-2010-1555

HP OpenView Network Node Manager (OV NNM) is affected by CVE-2010-1555 due to a stack-based buffer overflow when processing the Hostname parameter. Affects OV NNM versions 7.01, 7.51, 7.53 (and observed in 7.50/7.53 in exploits). Root cause: boundary error in getnnmdata.exe during Hostname handl...

10CVSS8AI score0.64447EPSS
Web
CVE
CVE
added 2010/09/24 6:0 p.m.61 views

CVE-2010-3285

HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by a remote Denial of Service vulnerability (CVE-2010-3285) caused by an unspecified issue. HP’s security bulletin HPSBMA02585 rev.1 confirms a remote DoS impact and provides a hotfix-based resolution for OV NNM v7.53 a...

5CVSS6.7AI score0.03323EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.60 views

CVE-2009-4178

CVE-2009-4178 is a documented heap/stack overflow in HP OpenView Network Node Manager’s OvWebHelp.exe CGI Topic handling. Remote attackers could exploit a crafted Topic parameter to execute arbitrary code. Affected versions include OV NNM 7.50/7.53 (and related 7.x builds noted in public advisori...

10CVSS7.8AI score0.74024EPSS
Web
CVE
CVE
added 2011/01/13 6:35 p.m.60 views

CVE-2011-0265

Summary of CVE-2011-0265 : HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 contains a buffer overflow in nnmRptConfig.exe that can be triggered by an oversized data_select1 parameter in the CNX CGI interface exposed by the webserver (default port 80). This allows remote code execution wit...

10CVSS7.9AI score0.16546EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.60 views

CVE-2011-0268

CVE-2011-0268 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) using the nnmRptConfig.exe component. It affects OV NNM 7.51 and 7.53 and can allow remote attackers to execute arbitrary code by sending a specially crafted long text1 parameter to the affected CGI, as described in m...

10CVSS7.8AI score0.15629EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.60 views

CVE-2011-0271

Summary : CVE-2011-0271 affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. The CGI scripts do not properly validate an unspecified parameter, enabling remote attackers to execute arbitrary commands via a crafted value (command injection) on the affected web server. This vulnerabilit...

10CVSS8AI score0.0733EPSS
CVE
CVE
added 2007/03/28 10:0 a.m.59 views

CVE-2007-1727

HP OpenView Network Node Manager (OV NNM) versions 6.20, 6.4x, 7.01, 7.50, and 7.51 are affected by an unspecified vulnerability that enables remote authenticated users to access certain privileged facilities via unspecified vectors. The NVD entry lists a network-exposed vector with low attack co...

6.5CVSS6.2AI score0.01544EPSS
CVE
CVE
added 2009/04/28 4:0 p.m.59 views

CVE-2008-2438

CVE-2008-2438: HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51 and 7.53 contain an integer overflow in ovalarmsrv.exe that can be exploited remotely via crafted commands to port 2954/TCP, triggering a heap-based buffer overflow and allowing arbitrary code execution. HP patches PHSS_...

10CVSS8AI score0.11434EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.59 views

CVE-2009-3848

CVE-2009-3848 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) when handling the Template parameter in the nnmRptConfig.exe CGI. The root cause is copying a long Template into a fixed-size stack buffer via vsprintf, enabling a remote attacker to execute arbitrary ...

10CVSS7.7AI score0.11794EPSS
CVE
CVE
added 2010/07/27 10:0 p.m.59 views

CVE-2010-2704

HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by a buffer overflow in CGI handling (nnmrptconfig.exe / ov.dll) that can allow remote code execution via a long HTTP request. The CVE-2010-2704 issue is described across multiple sources, noting remote arbitrary-code e...

10CVSS8AI score0.14926EPSS
CVE
CVE
added 2011/01/13 6:35 p.m.59 views

CVE-2011-0270

The CVE-2011-0270 issue affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. A format-string vulnerability in the CGI program nnmRptConfig.exe when processing an HTTP request with a crafted Template name allows remote code execution. Affected platforms include HP-UX, Linux, Solaris, a...

10CVSS7.7AI score0.1631EPSS
CVE
CVE
added 2009/12/10 10:0 p.m.58 views

CVE-2009-3847

CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...

10CVSS7.6AI score0.10059EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.57 views

CVE-2000-0558

HP OpenView Network Node Manager 6.1 is affected by a buffer overflow in the Alarm service (OVALARMSRV) that listens on port 2345, enabling remote command execution. The vulnerability stems from a buffer overflow condition in the OVALARMSRV handling path. The available sources confirm the affecte...

10CVSS8.3AI score0.05208EPSS
Total number of security vulnerabilities80