CVSS: 10.0EPSS: 4%CPEs: 12EXPL: 0CVE-2008-4562
https://notcve.org/view.php?id=CVE-2008-4562
Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205. Desbordamiento de búfer en el programa CGI en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 sobre Windows, permite a atacantes remotos ejecutar código de su elección a través del parámetro "Host" manipulado. NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=772 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2008-4560
https://notcve.org/view.php?id=CVE-2008-4560
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53, permite a atacantes remotos obtener información sensible a través de de (1)un petición manipulada al programa CGI nnmRptConfig.exe, que revela la ruta de los directorios de log; o (2) un parámetro manipulado en una petición al programa CGI ovlaunch.exe, que muestra detalles de la configuración. NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=771 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 12EXPL: 0CVE-2008-4559
https://notcve.org/view.php?id=CVE-2008-4559
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205. HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53, permite a atacantes remotos ejecutar código de su elección a través de caracteres de consola en los campos de argumentos a los programas CGI (1) webappmon.exe o (2) OpenView5.exe NOTA: esta cuestión se encuentra parcialmente tratado en el CVE-2009-0205. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=770 • CWE-20: Improper Input Validation •
CVSS: 9.0EPSS: 40%CPEs: 4EXPL: 3CVE-2008-3544 – HP OpenView Network Node Manager (OV NNM) 7.53 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2008-3544
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954. Múltiples desbordamientos de bufer basados en pila en ovalarmsrv de HP OpenView Network Node Manager(OV NNM) 7.51, 7.01 y, posiblemente, 7.50 y 7.53, permiten a atacantes remotos ejecutar código arbitrario a través de peticiones excesivamente largas a (1) REQUEST_SEV_CHANGE (alias número 47), ( 2) REQUEST_SAVE_STATE (alias número 61), o (3) REQUEST_RESTORE_STATE (alias número 62) al puerto TCP 2954. • https://www.exploit-db.com/exploits/5396 http://aluigi.altervista.org/adv/closedview_old-adv.txt http://downloads.securityfocus.com/vulnerabilities/exploits/28668.c http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01537275 http://secunia.com/advisories/31688 http://securityreason.com/securityalert/4397 http://www.securityfocus.com/archive/1/490541 http://www.securityfocus.com/bid/28668 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 3EXPL: 0CVE-2008-3545
https://notcve.org/view.php?id=CVE-2008-3545
Unspecified vulnerability in ovtopmd in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3536, CVE-2008-3537, and CVE-2008-3544. NOTE: due to insufficient details from the vendor, it is not clear whether this is the same as CVE-2008-1853. Vulnerabilidad sin especificar en ovtopmd en HP OpenView Network Node Manager(OV NNM) 7.01, 7.51, 7.53 permite a atacantes remotos causar una denegación de servicio a través de vectores desconocidos. Se trata de una vulnerabilidad diferente a la CVE-2008-3536, CVE-2008-3537, y a la CVE-2008-3544. NOTA: debido a la insuficiencia de detalles de los proveedores, no está claro si este es el mismo problema que el de CVE-2008-1853. • http://marc.info/?l=bugtraq&m=122356907004075&w=2 http://secunia.com/advisories/29796 http://securityreason.com/securityalert/4399 http://securitytracker.com/id?1021014 http://www.securityfocus.com/bid/31669 https://exchange.xforce.ibmcloud.com/vulnerabilities/45788 •