CVE-2007-6343
https://notcve.org/view.php?id=CVE-2007-6343
Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, y 7.51 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01218087 http://secunia.com/advisories/27846 http://www.securityfocus.com/bid/26637 http://www.securitytracker.com/id?1019016 http://www.vupen.com/english/advisories/2007/4041 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2007-6204 – Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-6204
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe. Múltiples desbordamientos de búfer en la región stack de la memoria en HP OpenView Network Node Manager (OV NNM) versiones 6.41, 7.01 y 7.51, permiten a los atacantes remotos ejecutar código arbitrario por medio de argumentos largos no especificados en los archivos (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe y (4) webappmon.exe, como es demostrado por medio de un parámetro action largo en el archivo OpenView5.exe. These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard (HP) OpenView Network Node Manager (NNM). Authentication is not required to exploit these vulnerabilities. The specific flaws exists within the CGI applications that handle the management of the NNM server. Due to lack of bounds checking during a call to sprintf(), sending overly long arguments to the various CGI variables result in a classic stack overflow leading to compromise of the remote server. • https://www.exploit-db.com/exploits/16805 https://www.exploit-db.com/exploits/4724 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01188923 http://secunia.com/advisories/27964 http://securityreason.com/securityalert/3441 http://www.securityfocus.com/archive/1/484704/100/0/threaded http://www.securityfocus.com/bid/26741 http://www.securitytracker.com/id?1019055 http://www.vupen.com/english/advisories/2007/4111 http://www.zerodayinitiative.com/advisories/ZDI-07 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-1727
https://notcve.org/view.php?id=CVE-2007-1727
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. Vulnerabilidad sin especificar en el HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50 y 7.51 permite a usuarios remotos autenticados acceder a ciertos privilegios facilitados mediante vectores sin especificar. • http://secunia.com/advisories/24746 http://www.securityfocus.com/bid/23163 http://www.securitytracker.com/id?1017817 http://www.vupen.com/english/advisories/2007/1121 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00854999 https://exchange.xforce.ibmcloud.com/vulnerabilities/33241 •
CVE-2007-0441
https://notcve.org/view.php?id=CVE-2007-0441
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, y 7.50 permite a atacantes remotos ejecutar comandos de su elección mediante vectores no especificados. • http://osvdb.org/32728 http://securitytracker.com/id?1017504 http://www.securityfocus.com/archive/1/456623/100/100/threaded http://www.vupen.com/english/advisories/2007/0153 •
CVE-2007-0206
https://notcve.org/view.php?id=CVE-2007-0206
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors. Vulnerabilidad no especificada en HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, y 7.50 permite a atacantes remotos leer ficheros de su elección mediante vectores desconocidos. • http://osvdb.org/32729 http://securityreason.com/securityalert/2140 http://securitytracker.com/id?1017503 http://www.securityfocus.com/archive/1/456615/100/0/threaded http://www.securityfocus.com/bid/22009 http://www.vupen.com/english/advisories/2007/0153 •