Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Network Node Manager unauthorized access
Published:26.03.2009
Source:
SecurityVulns ID:9774
Type:remote
Threat Level:
6/10
Affected:HP : OpenView Network Node Manager 7.51
 HP : OpenView Network Node Manager 7.53
CVE:CVE-2009-0921 (Multiple heap-based buffer overflows in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long OvAcceptLang cookie, which triggers the error in ov.dll and ovwww.dll, or (2) a long Accept-Language HTTP header, which triggers the error in ovwww.dll or libovwww.so.4.)
 CVE-2009-0920 (Stack-based buffer overflow in OvCgi/Toolbar.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long OvOSLocale cookie, a variant of CVE-2008-0067.)
Original documentdocumentHP, [security bulletin] HPSBMA02416 SSRT090008 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (26.03.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod