CVE-2010-1555 – HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1555
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter. Desbordamiento de búfer basado en pila en etnnmdata.exe en HP OpenView Network Node Manager (OV NNM) 7.01, 7.51 y 7.53 permite a atacantes remotos ejecutar código de su elección mediante un parámetro Hostname inválido. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid Hostname parameter a sprintf() call is made to log the error. • https://www.exploit-db.com/exploits/17047 https://www.exploit-db.com/exploits/14182 http://marc.info/?l=bugtraq&m=127360750704351&w=2 http://www.securityfocus.com/archive/1/511250/100/0/threaded http://www.securityfocus.com/bid/40072 http://zerodayinitiative.com/advisories/ZDI-10-086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-0898
https://notcve.org/view.php?id=CVE-2009-0898
Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request. Desbordamiento de búfer en la pila en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar código arbitrario a través de peticiones HTTP manipuladas. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.iss.net/threats/357.html http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37294 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3847
https://notcve.org/view.php?id=CVE-2009-3847
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar codigo arbitrario a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/bid/37261 https://exchange.xforce.ibmcloud.com/vulnerabilities/54840 •
CVE-2009-4181
https://notcve.org/view.php?id=CVE-2009-4181
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe. Desbordamiento del búfer de la pila en ovwebsnmpsrv.exe en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar código arbitrario a través de vectores que incluyen el uso de los parámetros "sel" y "arg" a jovgraph.exe. • http://dvlabs.tippingpoint.com/advisory/TPTI-09-14 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508357/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37343 https://exchange.xforce.ibmcloud.com/vulnerabilities/54655 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-4180
https://notcve.org/view.php?id=CVE-2009-4180
Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header. desbordamiento del búfer de la pila en snmpviewer.exe en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar codigo arbitrario a través de una cabecera larga HTTP del host. • http://dvlabs.tippingpoint.com/advisory/TPTI-09-13 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508356/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37348 https://exchange.xforce.ibmcloud.com/vulnerabilities/54656 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •