10 results (0.009 seconds)

CVSS: 10.0EPSS: 20%CPEs: 17EXPL: 2

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow. Error en la propiedad signedness de enteros en el archivo ovspmd.exe en HP OpenView Network Node Manager (OV NNM) versiones 8.01 y 7.53 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o ejecutar código arbitrario por medio de una petición larga al puerto TCP 8886 que comienza con un determinado entero negativo, que pasa una comparación firmada y desencadena un desbordamiento de búfer en la región heap de la memoria. • https://www.exploit-db.com/exploits/31629 http://aluigi.altervista.org/adv/closedview-adv.txt http://aluigi.org/poc/closedview.zip http://marc.info/?l=bugtraq&m=121321155405849&w=2 http://secunia.com/advisories/29713 http://securitytracker.com/id?1019821 http://www.securityfocus.com/archive/1/493781/100/0/threaded http://www.securityfocus.com/bid/28689 http://www.vupen.com/english/advisories/2008/1159 https://exchange.xforce.ibmcloud.com/vulnerabilities/41737 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 95%CPEs: 3EXPL: 4

Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information. Un desbordamiento de búfer en la región stack de la memoria en la biblioteca ovwparser.dll en HP OpenView Network Node Manager (OV NNM) versiones 7.53, 7.51 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un URI largo en una petición HTTP procesada por el archivo ovas.exe, como es demostrado por una determinada petición de topology/homeBaseView. NOTA: algunos de estos datos fueron obtenidos de la información de terceros. • https://www.exploit-db.com/exploits/5342 https://www.exploit-db.com/exploits/16774 http://marc.info/?l=bugtraq&m=121553626110871&w=2 http://secunia.com/advisories/29641 http://www.offensive-security.com/0day/hp-nnm-ov.py.txt http://www.securityfocus.com/bid/28569 http://www.securitytracker.com/id?1019782 http://www.vupen.com/english/advisories/2008/1085/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41600 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. Vulnerabilidad sin especificar en el HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50 y 7.51 permite a usuarios remotos autenticados acceder a ciertos privilegios facilitados mediante vectores sin especificar. • http://secunia.com/advisories/24746 http://www.securityfocus.com/bid/23163 http://www.securitytracker.com/id?1017817 http://www.vupen.com/english/advisories/2007/1121 http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=c00854999 https://exchange.xforce.ibmcloud.com/vulnerabilities/33241 •

CVSS: 5.0EPSS: 0%CPEs: 21EXPL: 0

Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors. Vulnerabilidad no especificada en HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, y 7.50 permite a atacantes remotos leer ficheros de su elección mediante vectores desconocidos. • http://osvdb.org/32729 http://securityreason.com/securityalert/2140 http://securitytracker.com/id?1017503 http://www.securityfocus.com/archive/1/456615/100/0/threaded http://www.securityfocus.com/bid/22009 http://www.vupen.com/english/advisories/2007/0153 •

CVSS: 7.5EPSS: 93%CPEs: 15EXPL: 2

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl. HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system. • https://www.exploit-db.com/exploits/16887 https://www.exploit-db.com/exploits/1188 http://marc.info/?l=bugtraq&m=112499121725662&w=2 http://secunia.com/advisories/16555 http://www.securityfocus.com/advisories/9150 http://www.securityfocus.com/bid/14662 https://exchange.xforce.ibmcloud.com/vulnerabilities/21999 - •