«
Expand/Collapse
309 items tagged "network node manager"
Related tags:
overflow [+],
code security [+],
code [+],
bulletin [+],
safer use [+],
hpsbux [+],
vupen [+],
target host [+],
stack overflow [+],
manager toolbar [+],
exploits [+],
buffer overflow vulnerability [+],
node [+],
manager i [+],
network [+],
manager nnmrptconfig [+],
information disclosure vulnerability [+],
dll module [+],
denial of service [+],
openview [+],
hp network [+],
hp ux [+],
hpsbma [+],
vulnerability research [+],
txt [+],
ssrt [+],
manager execution [+],
manager [+],
critical vulnerability [+],
arbitrary code execution [+],
apache http server [+],
zero day [+],
snmpviewer [+],
security bulletin [+],
memory corruption [+],
line string [+],
internet guest [+],
idefense security advisory [+],
idefense [+],
format specifier [+],
exe component [+],
destination node [+],
denial of service dos [+],
command [+],
code revision [+],
alpha [+],
zero [+],
day [+],
manager. authentication [+],
vulnerability [+],
unauthorized [+],
security restrictions [+],
research [+],
remote buffer overflow [+],
packard [+],
manager cve [+],
jp1 [+],
dll [+],
hpsbmu [+],
initiative [+],
target service [+],
stack buffer [+],
security vulnerabilities [+],
tcp port 80 [+],
potential security vulnerability [+],
write [+],
site [+],
service vulnerability [+],
scripting [+],
s system [+],
read access [+],
read [+],
nnmi [+],
manager ovutil [+],
malicious users [+],
java denial [+],
information [+],
hp openview nnm [+],
dos vulnerability [+],
cross [+],
bugtraq [+],
bof [+],
code execution [+],
buffer [+],
based buffer overflow [+],
buffer overflow [+],
secunia [+],
exe [+],
advisory [+],
security [+],
hp openview network node manager [+],
uri,
request,
process,
ovwebhelp,
ovalarm,
nnm,
java runtime environment,
java developer kit,
java,
hp openview,
hitachi,
file permissions,
command line arguments,
command line argument,
cgi,
arbitrary code
-
-
20:54
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02744 SSRT100776 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
20:54
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02744 SSRT100776 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
20:54
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02744 SSRT100776 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
20:38
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02748 SSRT100772 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial of Service (DoS). Revision 1 of this advisory.
-
20:38
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02748 SSRT100772 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial of Service (DoS). Revision 1 of this advisory.
-
20:38
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02748 SSRT100772 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache HTTP Server. The vulnerabilities could be exploited remotely resulting in unauthorized disclosure of information, unauthorized modification, or Denial of Service (DoS). Revision 1 of this advisory.
-
19:50
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02747 SSRT100771 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache Tomcat. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
-
8:01
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02748 SSRT100772 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache HTTP Server, Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS)
-
8:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02744 SSRT100776 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
-
-
15:23
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02744 SSRT100776 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
15:23
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02744 SSRT100776 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
15:23
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02744 SSRT100776 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
12:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02744 SSRT100776 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
-
9:22
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
9:22
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
9:22
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01213 without the SSRT100649 hotfix. By specifying a long 'textFile' argument when calling the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the "_OVBuildPath" function within "ov.dll". There are no stack cookies, so exploitation is achieved by overwriting the saved return address. The vulnerability is due to the use of the function "_OVConcatPath" which finally uses "strcat" in a insecure way. User controlled data is concatenated to a string which contains the OpenView installation path. To achieve reliable exploitation a directory traversal in OpenView5.exe (OSVDB 44359) is being used to retrieve OpenView logs and disclose the installation path.
-
-
16:06
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within webappmon.exe CGI program. When processing crafted parameters, there exists an insufficient boundary check before supplying a format string with the values, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
16:06
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within webappmon.exe CGI program. When processing crafted parameters, there exists an insufficient boundary check before supplying a format string with the values, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
16:06
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within webappmon.exe CGI program. When processing crafted parameters, there exists an insufficient boundary check before supplying a format string with the values, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
16:05
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ov.dll. When processing a user supplied file name for the textFile option, there exists an insufficient boundary check before supplying the value to a format string within _OVBuildPath, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
16:05
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ov.dll. When processing a user supplied file name for the textFile option, there exists an insufficient boundary check before supplying the value to a format string within _OVBuildPath, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
16:05
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-02 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ov.dll. When processing a user supplied file name for the textFile option, there exists an insufficient boundary check before supplying the value to a format string within _OVBuildPath, causing a stack overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
-
18:39
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-348 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRotConfig.exe CGI program. When processing crafted nameParams parameters, there exists an insufficient boundary check that can lead to a insufficient heap buffer, enabling a heap overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
18:39
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-348 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRotConfig.exe CGI program. When processing crafted nameParams parameters, there exists an insufficient boundary check that can lead to a insufficient heap buffer, enabling a heap overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
18:39
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-348 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRotConfig.exe CGI program. When processing crafted nameParams parameters, there exists an insufficient boundary check that can lead to a insufficient heap buffer, enabling a heap overflow. This can lead to memory corruption which can be leveraged to execute arbitrary code under the context of the target service.
-
-
19:39
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been discovered in HP Network Node Manager i, which can be exploited by malicious people to conduct cross-site scripting attacks.
-
-
0:33
»
Packet Storm Security Advisories
Secunia Security Advisory - HP has acknowledged some vulnerabilities in Network Node Manager i, which can be exploited by malicious people to potentially disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), or compromise a user's system.
-
-
21:07
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02714 SSRT100244 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
21:07
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02714 SSRT100244 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
21:07
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02714 SSRT100244 2 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 2 of this advisory.
-
11:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information
-
-
19:07
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02708 SSRT100633 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
-
19:07
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02708 SSRT100633 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
-
19:07
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02708 SSRT100633 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in cross site scripting (XSS). Revision 1 of this advisory.
-
10:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02708 SSRT100633 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS)
-
10:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02659 SSRT100440 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
-
-
22:51
»
Packet Storm Security Advisories
Secunia Security Advisory - Some vulnerabilities have been reported in HP Network Node Manager, which can be exploited by malicious people to conduct cross-site scripting attacks.
-
-
3:01
»
Packet Storm Security Advisories
Secunia Security Advisory - HP has acknowledged multiple vulnerabilities in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
-
-
15:08
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02704 SSRT100619 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
-
15:08
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02704 SSRT100619 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
-
15:08
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02704 SSRT100619 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
-
13:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02704 SSRT100619 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Denial of Service (DoS)
-
-
2:46
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
-
-
16:59
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02712 SSRT100649 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
16:59
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02712 SSRT100649 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
16:59
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02712 SSRT100649 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
-
18:55
»
Packet Storm Security Advisories
Secunia Security Advisory - HP has acknowledged a security issue in HP Network Node Manager i, which can be exploited by malicious people to bypass certain security restrictions.
-
16:11
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
16:11
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
16:11
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02714 SSRT100244 - A potential security vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.
-
-
22:48
»
Packet Storm Security Advisories
Secunia Security Advisory - Some vulnerabilities have been reported in Hitachi JP1/Cm2/Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
-
-
18:09
»
SecuriTeam
An Information Disclosure vulnerability was identified in HP Network Node Manager i.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
22:03
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMU02703 SSRT100242 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
-
22:03
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMU02703 SSRT100242 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
-
22:03
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMU02703 SSRT100242 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.
-
11:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMU02703 SSRT100242 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification
-
-
23:54
»
SecuriTeam
A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
23:49
»
SecuriTeam
A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
23:49
»
SecuriTeam
A potential vulnerability has been identified with HP Network Node Manage.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
23:03
»
Packet Storm Security Advisories
Secunia Security Advisory - Multiple vulnerabilities have been reported in Hitachi JP1/Cm2/Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.
-
-
13:09
»
SecuriTeam
HP Network Node Manager i (NNMi) contains a remote Information Disclosure vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
8:54
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Toolbar.exe, an attacker may be able to execute arbitrary code.
-
8:54
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Toolbar.exe, an attacker may be able to execute arbitrary code.
-
8:54
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request to Toolbar.exe, an attacker may be able to execute arbitrary code.
-
8:50
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build (ie. NNM 7.53_01195)
-
8:50
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build (ie. NNM 7.53_01195)
-
8:50
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.0 and 7.53. By sending a CGI request with a specially OvOSLocale cookie to Toolbar.exe, an attacker may be able to execute arbitrary code. Please note that this module only works against a specific build (ie. NNM 7.53_01195)
-
-
12:22
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02652 SSRT100432 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 4 of this advisory.
-
12:22
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02652 SSRT100432 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 4 of this advisory.
-
12:22
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02652 SSRT100432 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 4 of this advisory.
-
-
20:26
»
Packet Storm Security Advisories
Secunia Security Advisory - A security issue has been reported in HP Network Node Manager i, which can be exploited by malicious, local users to disclose sensitive information and manipulate certain data.
-
18:02
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02672 SSRT100485 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited by a local user to read and write data and log files. Revision 1 of this advisory.
-
18:02
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02672 SSRT100485 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited by a local user to read and write data and log files. Revision 1 of this advisory.
-
18:02
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02672 SSRT100485 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be exploited by a local user to read and write data and log files. Revision 1 of this advisory.
-
18:01
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02642 SSRT100415 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 2 of this advisory.
-
18:01
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02642 SSRT100415 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 2 of this advisory.
-
18:01
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02642 SSRT100415 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 2 of this advisory.
-
13:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02672 SSRT100485 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Local Read and Write Access to Data and Log Files
-
11:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02642 SSRT100415 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
-
-
12:27
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02659 SSRT100440 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access to NNMi processes. Revision 1 of this advisory.
-
12:27
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02659 SSRT100440 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access to NNMi processes. Revision 1 of this advisory.
-
12:27
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02659 SSRT100440 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in unauthorized access to NNMi processes. Revision 1 of this advisory.
-
12:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02659 SSRT100440 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
-
4:26
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in HP Network Node Manager i, which can be exploited by malicious users to bypass certain security restrictions.
-
-
23:25
»
Packet Storm Security Advisories
Secunia Security Advisory - HP has acknowledged a vulnerability in Network Node Manager i, which can be exploited by malicious people to cause a DoS (Denial of Service).
-
23:25
»
Packet Storm Security Advisories
Secunia Security Advisory - Two vulnerabilities have been reported in HP Network Node Manager i, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks.
-
-
10:16
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02652 SSRT100432 3 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 3 of this advisory.
-
10:16
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02652 SSRT100432 3 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 3 of this advisory.
-
10:16
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02652 SSRT100432 3 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 3 of this advisory.
-
10:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02652 SSRT100432 rev.3 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
-
9:30
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02643 SSRT100416 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi). One vulnerability could be exploited by a local user to gain unauthorized access to files. The other vulnerability could result in remote cross site scripting (XSS). Revision 2 of this advisory.
-
9:30
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02643 SSRT100416 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi). One vulnerability could be exploited by a local user to gain unauthorized access to files. The other vulnerability could result in remote cross site scripting (XSS). Revision 2 of this advisory.
-
9:30
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02643 SSRT100416 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi). One vulnerability could be exploited by a local user to gain unauthorized access to files. The other vulnerability could result in remote cross site scripting (XSS). Revision 2 of this advisory.
-
9:30
»
Packet Storm Security Advisories
HP Security Bulletin HPSBUX02642 SSRT100415 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
9:30
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBUX02642 SSRT100415 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
9:30
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBUX02642 SSRT100415 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
0:00
»
SecurityFocus Vulnerabilities
HP Network Node Manager i Unspecified Information Disclosure Vulnerability
-
-
9:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBUX02642 SSRT100415 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
-
8:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02643 SSRT100416 rev.2 - HP Network Node Manager i (NNMi), Local Unauthorized Read Access to Files, Remote Cross Site Scripting (XSS)
-
-
18:13
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02652 SSRT100432 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 2 of this advisory.
-
18:13
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02652 SSRT100432 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 2 of this advisory.
-
18:13
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02652 SSRT100432 2 - A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure. Revision 2 of this advisory.
-
10:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02652 SSRT100432 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure
-
10:44
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
10:44
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
10:44
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
-
17:06
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the option parsing function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. Reaching the vulnerable code requires a 'POST' request with an 'arg' parameter that, when combined with a some static text, exceeds 10240 bytes. The parameter must begin with a dash. It is important to note that this vulnerability must be exploited by overwriting SEH. This is since overflowing the buffer with controllable data always triggers an access violation when attempting to write static text beyond the end of the stack. Exploiting this issue is a bit tricky due to a restrictive character set. In order to accomplish arbitrary code execution, a double-backward jump is used in combination with the Alpha2 encoder.
-
17:06
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the option parsing function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. Reaching the vulnerable code requires a 'POST' request with an 'arg' parameter that, when combined with a some static text, exceeds 10240 bytes. The parameter must begin with a dash. It is important to note that this vulnerability must be exploited by overwriting SEH. This is since overflowing the buffer with controllable data always triggers an access violation when attempting to write static text beyond the end of the stack. Exploiting this issue is a bit tricky due to a restrictive character set. In order to accomplish arbitrary code execution, a double-backward jump is used in combination with the Alpha2 encoder.
-
17:06
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code is within the option parsing function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. Reaching the vulnerable code requires a 'POST' request with an 'arg' parameter that, when combined with a some static text, exceeds 10240 bytes. The parameter must begin with a dash. It is important to note that this vulnerability must be exploited by overwriting SEH. This is since overflowing the buffer with controllable data always triggers an access violation when attempting to write static text beyond the end of the stack. Exploiting this issue is a bit tricky due to a restrictive character set. In order to accomplish arbitrary code execution, a double-backward jump is used in combination with the Alpha2 encoder.
-
17:05
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. It is interesting to note that this vulnerability cannot be exploited by overwriting SEH, since attempting to would trigger CVE-2010-1964. The vulnerable code is within a sub-function called from "main" within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. This function contains a 256 byte stack buffer which is passed to the "getProxiedStorageAddress" function within ovutil.dll. When processing the address results in an error, the buffer is overflowed in a call to sprintf_new. There are no stack cookies present, so exploitation is easily achieved by overwriting the saved return address. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:05
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. It is interesting to note that this vulnerability cannot be exploited by overwriting SEH, since attempting to would trigger CVE-2010-1964. The vulnerable code is within a sub-function called from "main" within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. This function contains a 256 byte stack buffer which is passed to the "getProxiedStorageAddress" function within ovutil.dll. When processing the address results in an error, the buffer is overflowed in a call to sprintf_new. There are no stack cookies present, so exploitation is easily achieved by overwriting the saved return address. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:05
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. It is interesting to note that this vulnerability cannot be exploited by overwriting SEH, since attempting to would trigger CVE-2010-1964. The vulnerable code is within a sub-function called from "main" within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. This function contains a 256 byte stack buffer which is passed to the "getProxiedStorageAddress" function within ovutil.dll. When processing the address results in an error, the buffer is overflowed in a call to sprintf_new. There are no stack cookies present, so exploitation is easily achieved by overwriting the saved return address. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:03
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. The buffer being written to is 1024 bytes in size. It is important to note that this vulnerability must be exploited by overwriting SEH. Otherwise, CVE-2010-1961 is triggered! The vulnerable code is within the "main" function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. There are no stack cookies, so exploitation is easily achieved by overwriting SEH structures. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:03
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. The buffer being written to is 1024 bytes in size. It is important to note that this vulnerability must be exploited by overwriting SEH. Otherwise, CVE-2010-1961 is triggered! The vulnerable code is within the "main" function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. There are no stack cookies, so exploitation is easily achieved by overwriting SEH structures. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:03
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. The buffer being written to is 1024 bytes in size. It is important to note that this vulnerability must be exploited by overwriting SEH. Otherwise, CVE-2010-1961 is triggered! The vulnerable code is within the "main" function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. There are no stack cookies, so exploitation is easily achieved by overwriting SEH structures. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.
-
17:02
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
17:02
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
17:02
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
17:00
»
Packet Storm Security Exploits
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By making a specially crafted HTTP request to the "snmpviewer.exe" CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code lies within the a function within "snmpviewer.exe" with a timestamp prior to April 7th, 2010. This vulnerability is triggerable via either a GET or POST request. The request must contain 'act' and 'app' parameters which, when combined, total more than the 1024 byte stack buffer can hold.
-
17:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By making a specially crafted HTTP request to the "snmpviewer.exe" CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code lies within the a function within "snmpviewer.exe" with a timestamp prior to April 7th, 2010. This vulnerability is triggerable via either a GET or POST request. The request must contain 'act' and 'app' parameters which, when combined, total more than the 1024 byte stack buffer can hold.
-
17:00
»
Packet Storm Security Misc. Files
This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By making a specially crafted HTTP request to the "snmpviewer.exe" CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. The vulnerable code lies within the a function within "snmpviewer.exe" with a timestamp prior to April 7th, 2010. This vulnerability is triggerable via either a GET or POST request. The request must contain 'act' and 'app' parameters which, when combined, total more than the 1024 byte stack buffer can hold.
-
17:00
»
Packet Storm Security Exploits
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted MaxAge parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
17:00
»
Packet Storm Security Recent Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted MaxAge parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
17:00
»
Packet Storm Security Misc. Files
This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted MaxAge parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
-
-
22:30
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
-
14:30
»
Packet Storm Security Advisories
HP Security Bulletin HPSBUX02641 SSRT100412 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
14:30
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBUX02641 SSRT100412 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
14:30
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBUX02641 SSRT100412 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java. The vulnerability could be remotely exploited to create a Denial of Service (DoS). Revision 1 of this advisory.
-
10:02
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBUX02641 SSRT100412 rev.1 - HP OpenView Network Node Manager (OV NNM) for HP-UX, Linux, Solaris, and Windows running Java, Remote Denial of Service (DoS)
-
-
11:20
»
SecuriTeam
Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:20
»
SecuriTeam
A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:50
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:50
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:50
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:45
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
21:46
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
21:46
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
21:41
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
21:41
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
19:17
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
19:34
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02621 SSRT100352 2 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 2 of this advisory.
-
19:34
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02621 SSRT100352 2 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 2 of this advisory.
-
19:34
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02621 SSRT100352 2 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 2 of this advisory.
-
11:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02621 SSRT100352 rev.2 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
-
9:11
»
Packet Storm Security Advisories
iDefense Security Advisory 01.10.11 - Remote exploitation of a command injection vulnerability in Hewlett-Packard Development Co. LP (HP)'s Network Node Manager could allow an attacker to execute arbitrary commands with the privileges of the affected service. The vulnerability exists within CGI scripts provided with the NNM HTTP Server. These scripts do not effectively sanitize a particular parameter. It is possible for an attacker to supply a parameter containing a specially crafted command line string. The command line string will be executed on the affected NNM HTTP Server.
-
9:11
»
Packet Storm Security Recent Files
iDefense Security Advisory 01.10.11 - Remote exploitation of a command injection vulnerability in Hewlett-Packard Development Co. LP (HP)'s Network Node Manager could allow an attacker to execute arbitrary commands with the privileges of the affected service. The vulnerability exists within CGI scripts provided with the NNM HTTP Server. These scripts do not effectively sanitize a particular parameter. It is possible for an attacker to supply a parameter containing a specially crafted command line string. The command line string will be executed on the affected NNM HTTP Server.
-
9:11
»
Packet Storm Security Misc. Files
iDefense Security Advisory 01.10.11 - Remote exploitation of a command injection vulnerability in Hewlett-Packard Development Co. LP (HP)'s Network Node Manager could allow an attacker to execute arbitrary commands with the privileges of the affected service. The vulnerability exists within CGI scripts provided with the NNM HTTP Server. These scripts do not effectively sanitize a particular parameter. It is possible for an attacker to supply a parameter containing a specially crafted command line string. The command line string will be executed on the affected NNM HTTP Server.
-
-
17:54
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02557 SSRT100025 2 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code. Revision 2 of this advisory.
-
17:54
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02557 SSRT100025 2 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code. Revision 2 of this advisory.
-
17:54
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02557 SSRT100025 2 - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code. Revision 2 of this advisory.
-
17:52
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02621 SSRT100352 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
17:52
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02621 SSRT100352 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
17:52
»
Packet Storm Security Misc. Files
HP Security Bulletin HPSBMA02621 SSRT100352 - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 1 of this advisory.
-
17:50
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-012 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRptConfig.exe CGI which is exposed by the webserver which listens by default on TCP port 80. When parsing an invalid template name the application uses user supplied data as a format specifier during creation of an error message. An attacker can exploit this vulnerability by supplying a specially crafted and invalid template name to execute arbitrary code under the context of the user.
-
17:50
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-012 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRptConfig.exe CGI which is exposed by the webserver which listens by default on TCP port 80. When parsing an invalid template name the application uses user supplied data as a format specifier during creation of an error message. An attacker can exploit this vulnerability by supplying a specially crafted and invalid template name to execute arbitrary code under the context of the user.
-
17:50
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-012 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within nnmRptConfig.exe CGI which is exposed by the webserver which listens by default on TCP port 80. When parsing an invalid template name the application uses user supplied data as a format specifier during creation of an error message. An attacker can exploit this vulnerability by supplying a specially crafted and invalid template name to execute arbitrary code under the context of the user.
-
17:50
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-011 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schd_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:50
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-011 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schd_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:50
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-011 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schd_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-010 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized text1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-010 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized text1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-010 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized text1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-09 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schdParams or nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-09 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schdParams or nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:48
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-09 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized schdParams or nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-08 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-08 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-08 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized nameParams parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-07 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized data_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-07 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized data_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:43
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-07 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default on TCP port 80. A remote user can send an oversized data_select1 parameter via a POST request to one of the CGI functions of NNM to trigger a buffer overflow in this module. Exploitation of this issue leads to remote code execution under the context of the target service.
-
17:42
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-06 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovutil.dll component which is loaded by the webserver listening by default on TCP port 80. When handling the COOKIE variable passed through a GET request, the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM service.
-
17:42
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-06 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovutil.dll component which is loaded by the webserver listening by default on TCP port 80. When handling the COOKIE variable passed through a GET request, the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM service.
-
17:42
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-06 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovutil.dll component which is loaded by the webserver listening by default on TCP port 80. When handling the COOKIE variable passed through a GET request, the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM service.
-
17:37
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-05 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovas.exe component which listens by default on TCP port 7510. When handling the Source Node or Destination Node name POST variables the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the OVAS service.
-
17:37
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-05 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovas.exe component which listens by default on TCP port 7510. When handling the Source Node or Destination Node name POST variables the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the OVAS service.
-
17:37
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-05 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the ovas.exe component which listens by default on TCP port 7510. When handling the Source Node or Destination Node name POST variables the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the OVAS service.
-
17:36
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-04 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within the ovutil.dll module which is loaded by the ovwebsnmpsrv.exe process which in turn can be reached remotely through the jovgraph.exe CGI program. By supplying overly large values to variables passed through an HTTP request a sscanf can be made to overflow a static buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.
-
17:36
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-04 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within the ovutil.dll module which is loaded by the ovwebsnmpsrv.exe process which in turn can be reached remotely through the jovgraph.exe CGI program. By supplying overly large values to variables passed through an HTTP request a sscanf can be made to overflow a static buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.
-
17:36
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-04 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within the ovutil.dll module which is loaded by the ovwebsnmpsrv.exe process which in turn can be reached remotely through the jovgraph.exe CGI program. By supplying overly large values to variables passed through an HTTP request a sscanf can be made to overflow a static buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.
-
17:36
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 11-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within jovgraph.exe, a Java-based grapher that extends the SNMP Data Presenter to include xnmgraph-like applications created by the application builder. The vulnerability occurs within jovgraph when processing malformed displayWidth option passed from the arg parameter to the CGI program. A remote unauthenticated attacker can send a crafted HTTP request to the target host to exploit this vulnerability. Successful attack could allow for arbitrary code being injected and executed with the privileges of the affected process, normally Internet Guest Account on Windows platforms.
-
17:36
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 11-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within jovgraph.exe, a Java-based grapher that extends the SNMP Data Presenter to include xnmgraph-like applications created by the application builder. The vulnerability occurs within jovgraph when processing malformed displayWidth option passed from the arg parameter to the CGI program. A remote unauthenticated attacker can send a crafted HTTP request to the target host to exploit this vulnerability. Successful attack could allow for arbitrary code being injected and executed with the privileges of the affected process, normally Internet Guest Account on Windows platforms.
-
17:36
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 11-03 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The exploit would require a crafted HTTP request to the target host. The specific flaw exists within jovgraph.exe, a Java-based grapher that extends the SNMP Data Presenter to include xnmgraph-like applications created by the application builder. The vulnerability occurs within jovgraph when processing malformed displayWidth option passed from the arg parameter to the CGI program. A remote unauthenticated attacker can send a crafted HTTP request to the target host to exploit this vulnerability. Successful attack could allow for arbitrary code being injected and executed with the privileges of the affected process, normally Internet Guest Account on Windows platforms.
-
-
13:26
»
SecuriTeam
A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
12:16
»
SecuriTeam
A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
22:10
»
SecuriTeam
A vulnerability related to the execution of arbitrary code has been discovered in HP OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
10:56
»
SecuriTeam
Multiple vulnerabilities were discovered in HP OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
10:51
»
SecuriTeam
An arbitrary code execution vulnerability was discovered in HP OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
10:00
»
Packet Storm Security Recent Files
HP Security Bulletin HPSBMA02558 SSRT100158 - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 3 of this advisory.
-
10:00
»
Packet Storm Security Advisories
HP Security Bulletin HPSBMA02558 SSRT100158 - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. Revision 3 of this advisory.
-
9:00
»
SecurityFocus Vulnerabilities
[security bulletin] HPSBMA02558 SSRT100158 rev.3 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
-
-
20:01
»
Packet Storm Security Recent Files
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely resulting in a Denial of Service (DoS).
-
20:00
»
Packet Storm Security Advisories
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely resulting in a Denial of Service (DoS).
-
-
16:26
»
SecuriTeam
A vulnerability was identified on HP OpenView Network Node Manager which could lead to the execution of arbitrary code.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
16:21
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
17:54
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the nnmrptconfig.exe CGI when processing an overly long parameter value, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:54
»
Packet Storm Security Recent Files
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the ov.dll library when processing certain arguments supplied via CGI executables, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:54
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-137 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ov.dll module which is loaded by the webappmon.exe CGI program. This DLL defines a function execvp_nc which unsafely concatenates a controllable command string into a statically allocated stack buffer. By supplying overly large values to variables passed through an HTTP request a strcat_new can be made to overflow this buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.
-
17:53
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the nnmrptconfig.exe CGI when processing an overly long parameter value, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:53
»
Packet Storm Security Advisories
VUPEN Vulnerability Research Team discovered a critical vulnerability in HP OpenView Network Node Manager (OV NNM). This vulnerability is caused by a buffer overflow error in the ov.dll library when processing certain arguments supplied via CGI executables, which could be exploited by remote unauthenticated attackers to execute arbitrary code.
-
17:53
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 10-137 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ov.dll module which is loaded by the webappmon.exe CGI program. This DLL defines a function execvp_nc which unsafely concatenates a controllable command string into a statically allocated stack buffer. By supplying overly large values to variables passed through an HTTP request a strcat_new can be made to overflow this buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.
-
16:35
»
Packet Storm Security Recent Files
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code.
-
16:35
»
Packet Storm Security Recent Files
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server.
-
16:34
»
Packet Storm Security Advisories
HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code.
-
16:34
»
Packet Storm Security Advisories
HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server.
-
-
0:31
»
SecuriTeam
Vulnerabilities related to the execution of Arbitrary code were identified on HP OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
0:30
»
SecuriTeam
Potential code execution vulnerabilities have been identified in HP OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
0:30
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
1337day (was: Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Hack a Day
Wirevolution