CVSS: 10.0EPSS: 96%CPEs: 11EXPL: 2CVE-2010-1553 – HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1553
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter. Desbordamiento de búfer basado en pila en etnnmdata.exe en HP OpenView Network Node Manager (OV NNM) 7.01, 7.51 y 7.53 permite a atacantes remotos ejecutar código de su elección mediante un parámetro MaxAge inválido. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid MaxAge parameter a sprintf() call is made to log the error. • https://www.exploit-db.com/exploits/17042 https://www.exploit-db.com/exploits/14180 http://marc.info/?l=bugtraq&m=127360750704351&w=2 http://securityreason.com/securityalert/8153 http://www.securityfocus.com/archive/1/511241/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-084 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 96%CPEs: 11EXPL: 3CVE-2010-1554 – HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1554
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter. Desbordamiento de búfer basado en pila en etnnmdata.exe en HP OpenView Network Node Manager (OV NNM) 7.01, 7.51 y 7.53 permite a atacantes remotos ejecutar código de su elección mediante un parámetro iCount inválido. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid iCount POST parameter a sprintf() call is made to log the error. • https://www.exploit-db.com/exploits/17040 https://www.exploit-db.com/exploits/14181 http://marc.info/?l=bugtraq&m=127360750704351&w=2 http://securityreason.com/securityalert/8154 http://www.exploit-db.com/exploits/14181 http://www.securityfocus.com/archive/1/511249/100/0/threaded http://zerodayinitiative.com/advisories/ZDI-10-085 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 96%CPEs: 11EXPL: 2CVE-2010-1555 – HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1555
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter. Desbordamiento de búfer basado en pila en etnnmdata.exe en HP OpenView Network Node Manager (OV NNM) 7.01, 7.51 y 7.53 permite a atacantes remotos ejecutar código de su elección mediante un parámetro Hostname inválido. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid Hostname parameter a sprintf() call is made to log the error. • https://www.exploit-db.com/exploits/17047 https://www.exploit-db.com/exploits/14182 http://marc.info/?l=bugtraq&m=127360750704351&w=2 http://www.securityfocus.com/archive/1/511250/100/0/threaded http://www.securityfocus.com/bid/40072 http://zerodayinitiative.com/advisories/ZDI-10-086 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 11%CPEs: 12EXPL: 0CVE-2009-0898
https://notcve.org/view.php?id=CVE-2009-0898
Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request. Desbordamiento de búfer en la pila en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar código arbitrario a través de peticiones HTTP manipuladas. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.iss.net/threats/357.html http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37294 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 13%CPEs: 12EXPL: 0CVE-2009-3847
https://notcve.org/view.php?id=CVE-2009-3847
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en HP OpenView Network Node Manager (OV NNM) v7.01, v7.51, y v7.53 permite a atacantes remotos ejecutar codigo arbitrario a través de vectores desconocidos. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/bid/37261 https://exchange.xforce.ibmcloud.com/vulnerabilities/54840 •