80 matches found
CVE-2005-2773
CVE-2005-2773 affects HP OpenView Network Node Manager 6.2 through 7.50. The vulnerability enables remote attackers to execute arbitrary commands by injecting shell metacharacters into parameters handled by CGI scripts (connectedNodes.ovpl, cdpView.ovpl, freeIPaddrs.ovpl, ecscmg.ovpl). Public wri...
CVE-2011-3167
HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3167, a remote code execution vulnerability in the ov.dll module. The issue is a stack-based overflow in the internal function _OVBuildPath when processing overly long input via the web CGI flow (long textFile argument to webappmon.ex...
CVE-2010-1961
CVE-2010-1961 concerns a stack buffer overflow in HP OpenView Network Node Manager (OV NNM) via ovwebsnmpsrv.exe, caused by improper handling of long arguments passed to jovgraph.exe, due to a vulnerable ovutil.dll call (sprintf). Affected products are OV NNM 7.51 and 7.53; exploitation could lea...
CVE-2010-1964
CVE-2010-1964: HP OpenView Network Node Manager ovwebsnmpsrv.exe main/ovutil buffer overflows enable remote code execution via long arg to jovgraph.exe (CGI) in OV NNM 7.53 (and 7.51 per description). Root cause is a stack-based overflow with no stack cookies, allowing SEH overwrites when process...
CVE-2008-4562
CVE-2008-4562 describes a buffer overflow in the HP OpenView Network Node Manager (OV NNM) ovlaunch CGI on Windows, enabling remote code execution via a crafted Host parameter in OV NNM versions 7.01, 7.51, and 7.53. Multiple connected sources (Red Hat advisories and HP patch notes in the Nessus ...
CVE-2008-4560
CVE-2008-4560 affects HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53. The vulnerability is an information disclosure in which remote attackers can obtain sensitive details via: (1) a crafted request to nnmRptConfig.exe CGI, revealing log directory pathnames; and (2) a cra...
CVE-2008-0068
CVE-2008-0068 describes a directory traversal vulnerability in HP OpenView Network Node Manager (OV NNM) OpenView5.exe, affecting OV NNM versions 7.01, 7.51, and 7.53. The vulnerability allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter. HP’s...
CVE-2008-4559
HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51, and 7.53 are affected by CVE-2008-4559. The issue allows remote code execution via shell metacharacters in argument fields passed to the CGI programs webappmon.exe or OpenView5.exe. This is a remote, unauthenticated vector that could ...
CVE-2010-2703
CVE-2010-2703: HP OpenView Network Node Manager (NNM) 7.51/7.53 on Windows is affected by a stack-based buffer overflow in ov.dll (execvp_nc) triggered by a long HTTP request to webappmon.exe, allowing remote code execution. Public exploit content references a 16384-byte buffer and a long 'sel' p...
CVE-2009-4176
CVE-2009-4176 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The vulnerability arises from multiple heap-based buffer overflows in ovsessionmgr.exe and ovlogin.exe when processing HTTP POST inputs, specifically the long userid and passwd parameters, enabling remote code e...
CVE-2009-4180
HP OpenView Network Node Manager (OV NNM) snmpviewer.exe has a buffer overflow in the CGI Host header handling, allowing remote code execution via a long HTTP Host header on OV NNM 7.01, 7.51, and 7.53. Root cause: boundary/ strcat usage leading to overflow in Host header processing. Impact is re...
CVE-2009-3840
The CVE-2009-3840 vulnerability affects HP OpenView Network Node Manager (NNM) 7.51 and 7.53. It is caused by a design weakness in processing crafted network packets to the embedded database service (ovdbrun.exe), where an invalid Error Code field can be used by a remote, unauthenticated attacker...
CVE-2009-3845
HP OpenView Network Node Manager (OV NNM) vulnerable on port 3443 HTTP server for OV NNM versions 7.01, 7.51 and 7.53. The hostname parameter is not properly sanitized in Perl/CGI scripts, allowing remote attackers to inject and execute arbitrary commands. Documented components include setMon.ovp...
CVE-2011-3166
HP OpenView Network Node Manager (NNM) is affected by CVE-2011-3166 in the webappmon.exe CGI program, where an insufficient boundary check before a format string leads to a stack overflow and remote code execution. Exploitation is remote and unauthenticated via crafted HTTP requests. Vendor advis...
CVE-2008-0212
HP OpenView Network Node Manager (OV NNM) vulnerable to remote denial of service via ovtopmd by sending a crafted TCP stream on port 2532. Affected versions include 6.41, 7.01, and 7.51. Root cause is an out-of-bounds memory access in ovtopmd when parsing the TCP stream. Exploitation requires no ...
CVE-2010-1553
CVE-2010-1553 affects HP OpenView Network Node Manager (OV NNM) via a stack-based buffer overflow in the CGI endpoint getnnmdata.exe when processing a crafted MaxAge parameter. Affected versions include OV NNM 7.01, 7.51, and 7.53. The vulnerability allows remote attackers to execute arbitrary co...
CVE-2009-1420
HP OpenView Network Node Manager (OV NNM) on Linux contains a stack-based buffer overflow in the rping component that affects OV NNM 7.53 (and 7.51) when SNMP/MIB are used. The issue can allow remote code execution or end-to-end impact (DoS) via unspecified vectors, with some sources noting a CGI...
CVE-2009-2298
CVE-2009-2298 describes a stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) rping on Linux, affecting NNM 7.53. The flaw arises in the rping component and can be triggered by remote crafted input (potentially via an HTTP/G CGI vector), allowing arbitrary code execution with...
CVE-2010-2709
Summary (CVE-2010-2709) : A stack-based buffer overflow in the HP OpenView Network Node Manager (NNM) CGI component webappmon.exe, triggered by a crafted OvJavaLocale cookie, allows remote code execution. Affected products/versions: OV NNM 7.51 and 7.53 (and likely older releases). The vulnerabil...
CVE-2008-0067
HP OpenView Network Node Manager (OV NNM) contains a CGI buffer overflow in Toolbar.exe (and related CGI programs) that allows remote code execution via crafted HTTP requests. CVE-2008-0067 affects OV NNM versions referenced in the records (notably 7.50/7.53) and has been demonstrated in Metasplo...
CVE-2009-4179
CVE-2009-4179 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) ovalarm.exe CGI component that can be triggered by a long Accept-Language header (and OvAcceptLang cookie context) to execute arbitrary code remotely on affected NNM versions (7.01, 7.51, 7.53). The vu...
CVE-2010-1552
HP OpenView Network Node Manager (OV NNM) snmpviewer.exe contains a stack-based buffer overflow in the doLoad/CGI handling when processing act and app parameters, enabling remote code execution. Affected products include OV NNM 7.01, 7.51, and 7.53. Public exploit modules exist (e.g., Metasploit ...
CVE-2009-3849
HP OpenView Network Node Manager (OV NNM) contains a family of stack-based buffer overflows in 7.01, 7.51, and 7.53 that allow remote code execution via a long Template parameter to nnmRptConfig.exe or a long Oid value to snmp.exe. Public references (Metasploit module, Exploit-DB, and advisories)...
CVE-2010-1554
HP OpenView Network Node Manager (NNM) getnnmdata.exe CGI accepts a crafted ICount parameter, triggering a stack-based buffer overflow that can allow remote code execution. Affected products appear in 7.01, 7.51, 7.53 (per initial CVE entry); separate exploit references describe exploitation for ...
CVE-2011-3165
HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by multiple remote code execution vulnerabilities (CVE-2011-3165, CVE-2011-3166, CVE-2011-3167) due to insufficient input validation/boundary checks in components such as nnmRptConfig.exe CGI, ov.dll (format string hand...
CVE-2007-6204
CVE-2007-6204 is a stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) affecting 6.41, 7.01, and 7.51. The flaw allows remote attackers to execute arbitrary code by sending overly long arguments to CGI programs, including ovlogin.exe, OpenView5.exe, snmpviewer.exe, and webapp...
CVE-2010-1551
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on multiple OSes is affected by a stack-based buffer overflow in the _OVParseLLA function of ov.dll within netmon.exe, triggered by the sel POST parameter, allowing remote code execution. The vulnerability is exploitable via crafted H...
CVE-2009-4181
HP OpenView Network Node Manager (NNM) ivovwebsnmpsrv.exe vulnerability (CVE-2009-4181) in the ovwebsnmpsrv.exe component allows remote code execution by sending crafted sel and arg parameters to jovgraph.exe (CGI). Affected NNM versions include 7.01, 7.51, and 7.53. The root cause is a stack-bas...
CVE-2010-1960
CVE-2010-1960 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) ovwebsnmpsrv.exe. The flaw occurs in handling HTTP requests to the jovgraph.exe CGI, allowing a remote attacker to execute arbitrary code via a crafted long option to jovgraph.exe. Affected are OV NNM versions around ...
CVE-2011-0264
CVE-2011-0264 : Stack-based buffer overflow in ovutil.dll of HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote code execution via a long COOKIE variable. The flaw is triggered by handling user-supplied COOKIE data and can execute code with the web server’s privileges (Windows ...
CVE-2011-0267
Summary of CVE-2011-0267 (HP OpenView NNM): The vulnerability affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 and is associated with the nnmRptConfig.exe component. Affected functionality involves two parameters, schdParams and nameParams, where an overly long input can trigger a ...
CVE-2008-1842
The CVE-2008-1842 issue affects HP OpenView Network Node Manager (OV NNM) v8.01 and earlier (7.53 and older), where ovspmd.exe mishandles a long TCP request to port 8886. The described integer signedness error can cause a heap-based buffer overflow, enabling a remote attacker to crash the daemon ...
CVE-2008-3536
CVE-2008-3536 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 where ovalarmsrv is the vulnerable component. The vulnerability allows remote denial of service via unknown vectors (per the CVE description). HP’s security bulletin HPSBMA02362 lists remediation: patches/phases ...
CVE-2009-3846
HP OpenView Network Node Manager (NNM) vulnerable in OV NNM 7.01, 7.51, and 7.53 due to multiple heap-based overflow flaws in ovlogin.exe when processing userid and passwd parameters in HTTP requests. Remote attackers can potentially execute arbitrary code (often with SYSTEM privileges) by sendin...
CVE-2010-1550
CVE-2010-1550 concerns HP OpenView Network Node Manager (NNM) prior to patching, affecting ovet_demandpoll.exe on OV NNM 7.01, 7.51 and 7.53. The vulnerability is a format-string error triggered by the POST variable sel in the ovet_demandpoll.exe process, allowing remote code execution without au...
CVE-2011-0262
CVE-2011-0262 is a remote-code-execution buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51/7.53, triggered by oversized parameters to jovgraph.exe via ovwebsnmpsrv.exe’s stringToSeconds in ovutil.dll. The vulnerability is exploitable over the network through crafted HTTP requests ...
CVE-2011-0266
CVE-2011-0266 relates to HP OpenView Network Node Manager (OV NNM) where a buffer overflow in nnmRptConfig.exe is triggered by a long nameParams parameter, leading to remote code execution. The initial CVE description specifies OV NNM versions 7.51 and 7.53 as affected. Connected documents show p...
CVE-2010-1555
HP OpenView Network Node Manager (OV NNM) is affected by CVE-2010-1555 due to a stack-based buffer overflow when processing the Hostname parameter. Affects OV NNM versions 7.01, 7.51, 7.53 (and observed in 7.50/7.53 in exploits). Root cause: boundary error in getnnmdata.exe during Hostname handl...
CVE-2010-3285
HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by a remote Denial of Service vulnerability (CVE-2010-3285) caused by an unspecified issue. HP’s security bulletin HPSBMA02585 rev.1 confirms a remote DoS impact and provides a hotfix-based resolution for OV NNM v7.53 a...
CVE-2009-4178
CVE-2009-4178 is a documented heap/stack overflow in HP OpenView Network Node Manager’s OvWebHelp.exe CGI Topic handling. Remote attackers could exploit a crafted Topic parameter to execute arbitrary code. Affected versions include OV NNM 7.50/7.53 (and related 7.x builds noted in public advisori...
CVE-2011-0265
Summary of CVE-2011-0265 : HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 contains a buffer overflow in nnmRptConfig.exe that can be triggered by an oversized data_select1 parameter in the CNX CGI interface exposed by the webserver (default port 80). This allows remote code execution wit...
CVE-2011-0268
CVE-2011-0268 is a buffer overflow in HP OpenView Network Node Manager (OV NNM) using the nnmRptConfig.exe component. It affects OV NNM 7.51 and 7.53 and can allow remote attackers to execute arbitrary code by sending a specially crafted long text1 parameter to the affected CGI, as described in m...
CVE-2011-0271
Summary : CVE-2011-0271 affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. The CGI scripts do not properly validate an unspecified parameter, enabling remote attackers to execute arbitrary commands via a crafted value (command injection) on the affected web server. This vulnerabilit...
CVE-2007-1727
HP OpenView Network Node Manager (OV NNM) versions 6.20, 6.4x, 7.01, 7.50, and 7.51 are affected by an unspecified vulnerability that enables remote authenticated users to access certain privileged facilities via unspecified vectors. The NVD entry lists a network-exposed vector with low attack co...
CVE-2008-2438
CVE-2008-2438: HP OpenView Network Node Manager (OV NNM) versions 7.01, 7.51 and 7.53 contain an integer overflow in ovalarmsrv.exe that can be exploited remotely via crafted commands to port 2954/TCP, triggering a heap-based buffer overflow and allowing arbitrary code execution. HP patches PHSS_...
CVE-2009-3848
CVE-2009-3848 describes a stack-based buffer overflow in HP OpenView Network Node Manager (NNM) when handling the Template parameter in the nnmRptConfig.exe CGI. The root cause is copying a long Template into a fixed-size stack buffer via vsprintf, enabling a remote attacker to execute arbitrary ...
CVE-2010-2704
HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 are affected by a buffer overflow in CGI handling (nnmrptconfig.exe / ov.dll) that can allow remote code execution via a long HTTP request. The CVE-2010-2704 issue is described across multiple sources, noting remote arbitrary-code e...
CVE-2011-0270
The CVE-2011-0270 issue affects HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53. A format-string vulnerability in the CGI program nnmRptConfig.exe when processing an HTTP request with a crafted Template name allows remote code execution. Affected platforms include HP-UX, Linux, Solaris, a...
CVE-2009-3847
CVE-2009-3847 affects HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53. The description is an unspecified remote code execution vulnerability, with remediation referenced in HP patches PHSS_40374/PHSS_40375 and guidance to upgrade patches for OV NNM 7.53 (and older versions) as docu...
CVE-2000-0558
HP OpenView Network Node Manager 6.1 is affected by a buffer overflow in the Alarm service (OVALARMSRV) that listens on port 2345, enabling remote command execution. The vulnerability stems from a buffer overflow condition in the OVALARMSRV handling path. The available sources confirm the affecte...