13 results (0.008 seconds)

CVSS: 10.0EPSS: 33%CPEs: 17EXPL: 2

16 Apr 2008 — Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow. Error en la propiedad signedness de enteros en el archivo ovspmd.exe en HP OpenView Network Node Manager (OV NNM) versiones 8.01 y 7.53 y anteriores,... • https://www.exploit-db.com/exploits/31629 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 83%CPEs: 3EXPL: 4

08 Apr 2008 — Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information. Un desbordamiento de búfer en la región stack de la memoria en la biblioteca ovwparser.dll en HP OpenView Network Node Manager (OV NNM) versiones 7.53, 7.51 y a... • https://www.exploit-db.com/exploits/5342 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

06 Feb 2008 — ovtopmd in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to cause a denial of service (crash) via a crafted TCP request that triggers an out-of-bounds memory access. ovtopmd en HP OpenView Network Node Manager (OV NNM) versiones 6.41, 7.01 y 7.51, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de una petición TCP diseñada que desencadena un acceso de memoria fuera de límites. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=652 • CWE-399: Resource Management Errors •

CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0

13 Dec 2007 — Cross-site scripting (XSS) vulnerability in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, y 7.51 permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección mediante vectores no especificados. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01218087 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 81%CPEs: 3EXPL: 3

06 Dec 2007 — Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe. Múltiples desbordamientos de búfer en la región stack de la memoria en HP OpenView Network Node Manager (OV NNM) versiones 6.41, 7.01 y 7.51, permiten a los atacantes remotos ejecutar ... • https://www.exploit-db.com/exploits/16805 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 8.1EPSS: 0%CPEs: 13EXPL: 0

28 Mar 2007 — Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50, and 7.51 allows remote authenticated users to access certain privileged "facilities" via unspecified vectors. Vulnerabilidad sin especificar en el HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, 7.50 y 7.51 permite a usuarios remotos autenticados acceder a ciertos privilegios facilitados mediante vectores sin especificar. • http://secunia.com/advisories/24746 •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 0

23 Jan 2007 — Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, y 7.50 permite a atacantes remotos ejecutar comandos de su elección mediante vectores no especificados. • http://osvdb.org/32728 •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

12 Jan 2007 — Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allows remote attackers to read arbitrary files via unknown vectors. Vulnerabilidad no especificada en HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, y 7.50 permite a atacantes remotos leer ficheros de su elección mediante vectores desconocidos. • http://osvdb.org/32729 •

CVSS: 9.8EPSS: 2%CPEs: 4EXPL: 0

24 May 2006 — Multiple unspecified vulnerabilities in HP OpenView Network Node Manager (OV NNM) 6.20, 6.4x, 7.01, and 7.50 allow remote attackers to gain privileged access, execute arbitrary commands, or create arbitrary files via unknown vectors. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00672314 •

CVSS: 9.8EPSS: 89%CPEs: 15EXPL: 2

02 Sep 2005 — HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl. HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system. • https://www.exploit-db.com/exploits/16887 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •