Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Network Node Manager multiple CGI buffer overflow
updated since 07.12.2007
Published:15.04.2008
Source:
SecurityVulns ID:8422
Type:remote
Threat Level:
5/10
Description:Buffer overflows in ovlogin.exe, OpenView5.exe, snmpviewer.exe, webappmon.exe. OpenView5.exe directory traversal.
Affected:HP : OpenView Network Node Manager 7.51
CVE:CVE-2008-0068 (Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.)
 CVE-2007-6204 (Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.)
Original documentdocumentSECUNIA, Secunia Research: HP OpenView Network Node Manager OpenView5.exe Directory Traversal (15.04.2008)
 documentHP, [security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Execution of Arbitrary Code (07.12.2007)
 documentZDI, ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows (07.12.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod