CVE-2009-3848 – Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-3848
Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function. Desbordamiento de búfer en nnmRptConfig.exe en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar código arbitrario a través del parámetro largo "Template", relacionado con la función vsprintf. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the IIS web server listening by default on TCP port 80. While parsing POST variables, the vulnerable process copies the contents of the Template parameter into a fixed length stack buffer using a vsprintf() call. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508346/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37296 http://zerodayinitiative.com/advisories/ZDI-09-096 https://exchange.xforce.ibmcloud.com/vulnerabilities/54653 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-3845 – Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities
https://notcve.org/view.php?id=CVE-2009-3845
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts. El servidor HTTP port-3443 en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar comandos arbitrarios a través de metacaracteres de shell en el parámetro "hostname" a secuencias de comandos Perl sin especificar. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard's Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaws exist within Perl CGI executables distributed with Network Node Manager (NNM). Several of these applications fail to sanitize the hostname HTTP variable when requests are made to the NNM HTTP server which listens by default on TCP port 3443. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508345/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37300 http://zerodayinitiative.com/advisories/ZDI-09-094 https://exchange.xforce.ibmcloud.com/vulnerabilities/54651 •
CVE-2009-3849 – Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-3849
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe. Múltiples desbordamientos del búfer de la pila en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar código arbitrario a través de (1)el parámetro largo "Template" a nnmRptConfig.exe, relacionado con la función strcat; o (2) un parámetro "Oid" a snmp.exe. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe CGI executable accessible via the IIS web server listening by default on TCP port 80. While parsing POST variables this process copies the contents of the Template parameter into a fixed length stack buffer using a strcat call. • https://www.exploit-db.com/exploits/16780 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508348/100/0/threaded http://www.securityfocus.com/archive/1/508349/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37298 http://www.securityfocus.com/bid/37299 http://zerodayinitiative.com/advisories/ZDI-09-095 http://zerodayi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-4562
https://notcve.org/view.php?id=CVE-2008-4562
Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. Desbordamiento de búfer en el programa CGI en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 sobre Windows, permite a atacantes remotos ejecutar código de su elección a través del parámetro "Host" manipulado. NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-4560
https://notcve.org/view.php?id=CVE-2008-4560
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53, permite a atacantes remotos obtener información sensible a través de de (1)un petición manipulada al programa CGI nnmRptConfig.exe, que revela la ruta de los directorios de log; o (2) un parámetro manipulado en una petición al programa CGI ovlaunch.exe, que muestra detalles de la configuración. NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=771 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •