10 matches found
CVE-2014-2630
CVE-2014-2630 affects HP Glance/Performance Monitoring xglance-bin (HP Operations Agent 11.00). Vulnerable code path due to insecure RPATH (-L/lib64) used by SetUID/SetGID binaries, enabling local privilege escalation to root. Impact described as privilege escalation; fixed version HPSBMU03086 re...
CVE-2012-2019
The CVE-2012-2019 entry concerns HP Operations Agent (fault and performance monitoring) with a vulnerability in the internal process coda.exe that listens on a random TCP port. A bound/stack-based overflow occurs when processing the 0x34 opcode, enabling remote attackers to execute arbitrary code...
CVE-2017-3733
CVE-2017-3733 describes a denial-of-service crash in OpenSSL 1.1.0 before 1.1.0e during a renegotiation handshake when the Encrypt-Then-MAC extension is (mis)negotiated between the original and renegotiated handshakes. The issue affects both clients and servers. Connected documents reiterate the ...
CVE-2014-2647
CVE-2014-2647 is a remote cross-site scripting (XSS) vulnerability in HP OpenView/OpenView HP Operations Broker/HP Operations Agent (HP Operations Manager) for versions prior to 11.14. The weakness allows an attacker to inject arbitrary web script/HTML via unspecified vectors in the web interface...
CVE-2012-2020
HP Operations Agent (coda.exe) contains a buffer overflow in the HP Software Performance Core component that handles the 0x8C opcode, enabling remote code execution via specially crafted requests. The vulnerability affects HP Operations Agent prior to 11.03.12 (and has been demonstrated on 11.00 ...
CVE-2011-2608
CVE-2011-2608 affects HP OpenView Performance Agent (versions 4.70, 5.0) and HP Operations Agent (11.0, 8.60.005–8.60.008, 8.60.501, 8.53). The vulnerability allows remote attackers to delete arbitrary files by sending a full pathname in the File field of a Register command. HP’s security bulleti...
CVE-2010-3004
CVE-2010-3004 concerns HP Operations Agent running on Windows (v7.36 and v8.6). The vulnerability allows remote attackers to execute arbitrary code due to an unspecified root-cause in the agent, with a CVSSv2 base score of 7.5 (high). Known affected versions are Windows-based Operations Agent 7.3...
CVE-2010-0444
HP Operations Agent running on Solaris 10 (versions 8.51, 8.52, 8.53, 8.60) is affected by a vulnerability where the opc_op account password can be blank, enabling remote attackers to execute arbitrary code via unspecified vectors. The issue arises from a default/blank password configuration for ...
CVE-2010-3005
CVE-2010-3005 affects HP Operations Agent for Windows (versions 7.36 and 8.6). The vulnerability enables local privilege escalation (and, per the HP security bulletin, potential remote code execution) via unspecified vectors. HP provides hotfixes for the affected versions (QCCR1A106920/106834 for...
CVE-2011-4160
CVE-2011-4160 affects HP Operations Agent v11.00 and HP Performance Agent v4.73 and v5.0 for AIX, HP-UX, Linux, and Solaris. Root cause: local unauthorized access to restricted directories due to an unspecified vulnerability in how these agents handle access controls. HP Security Bulletin HPSBMU0...