Page 10 of 62 results (0.012 seconds)

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53, permite a atacantes remotos obtener información sensible a través de de (1)un petición manipulada al programa CGI nnmRptConfig.exe, que revela la ruta de los directorios de log; o (2) un parámetro manipulado en una petición al programa CGI ovlaunch.exe, que muestra detalles de la configuración. NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=771 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 4%CPEs: 12EXPL: 0

HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53, permite a atacantes remotos ejecutar código de su elección a través de caracteres de consola en los campos de argumentos a los programas CGI (1) webappmon.exe o (2) OpenView5.exe NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=770 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 83%CPEs: 1EXPL: 1

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program. Múltiples desbordamientos de búfer basados en pila en HP OpenView Network Node Manager (OV NNM) v7.51 permite a atacantes remotos ejecutar código de su elección a través de (1) parámetros de cadenas largas del programa CGI OpenView5.exe; (2) un parámetro de cadena larga del programa CGI OpenView5.exe, relacionado con ov.dll; o un parámetro de cadena larga de los programas CGI (3) getcvdata.exe, (4) ovlaunch.exe, o (5) Toolbar.exe. • https://www.exploit-db.com/exploits/16795 http://marc.info/?l=bugtraq&m=123247393715913&w=2 http://secunia.com/advisories/28074 http://secunia.com/secunia_research/2008-13 http://securityreason.com/securityalert/4885 http://securityreason.com/securityalert/8307 http://securitytracker.com/id?1021521 http://www.securityfocus.com/archive/1/499826/100/0/threaded http://www.securityfocus.com/bid/33147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 40%CPEs: 4EXPL: 3

Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954. Múltiples desbordamientos de bufer basados en pila en ovalarmsrv de HP OpenView Network Node Manager(OV NNM) 7.51, 7.01 y, posiblemente, 7.50 y 7.53, permiten a atacantes remotos ejecutar código arbitrario a través de peticiones excesivamente largas a (1) REQUEST_SEV_CHANGE (alias número 47), ( 2) REQUEST_SAVE_STATE (alias número 61), o (3) REQUEST_RESTORE_STATE (alias número 62) al puerto TCP 2954. • https://www.exploit-db.com/exploits/5396 http://aluigi.altervista.org/adv/closedview_old-adv.txt http://downloads.securityfocus.com/vulnerabilities/exploits/28668.c http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01537275 http://secunia.com/advisories/31688 http://securityreason.com/securityalert/4397 http://www.securityfocus.com/archive/1/490541 http://www.securityfocus.com/bid/28668 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 4%CPEs: 3EXPL: 0

Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. NOTE: due to insufficient details from the vendor, it is not clear whether this is the same as CVE-2008-1853. Vulnerabilidad sin especificar en ovtopmd en HP OpenView Network Node Manager(OV NNM) 7.01, 7.51, 7.53 permite a atacantes remotos causar una denegación de servicio a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a la CVE-2008-3536, CVE-2008-3537, y a la CVE-2008-3544. NOTA: debido a la insuficiencia de detalles de los proveedores, no está claro si este es el mismo problema que el de CVE-2008-1853. • http://marc.info/?l=bugtraq&m=122356907004075&w=2 http://secunia.com/advisories/29796 http://securityreason.com/securityalert/4399 http://securitytracker.com/id?1021014 http://www.securityfocus.com/bid/31669 https://exchange.xforce.ibmcloud.com/vulnerabilities/45788 •