CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP » Openview Network Node Manager » 7.53 Hp-ux * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2010-3285 DoS 2010-09-24 2019-10-09
5.0
 None Remote Low Not required None None Partial
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service via unknown vectors.
2 CVE-2010-2709 119 1 Exec Code Overflow 2010-08-05 2017-08-17
9.3
 None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.
3 CVE-2010-2704 119 Exec Code Overflow 2010-07-28 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
4 CVE-2010-1964 Exec Code Overflow 2010-06-17 2018-10-10
7.5
 None Remote Low Not required Partial Partial Partial
Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.
5 CVE-2010-1961 119 Exec Code Overflow 2010-06-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified variables to jovgraph.exe, which are not properly handled in a call to the sprintf function.
6 CVE-2010-1960 119 Exec Code Overflow 2010-06-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long, invalid option to jovgraph.exe.
7 CVE-2010-1555 119 Exec Code Overflow 2010-05-13 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
8 CVE-2010-1554 119 1 Exec Code Overflow 2010-05-13 2018-10-11
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
9 CVE-2010-1553 119 Exec Code Overflow 2010-05-13 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
10 CVE-2010-1552 119 Exec Code Overflow 2010-05-13 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.
11 CVE-2010-1551 119 Exec Code Overflow 2010-05-13 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.
12 CVE-2010-1550 134 Exec Code 2010-05-13 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.
13 CVE-2009-4181 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe.
14 CVE-2009-4180 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.
15 CVE-2009-4179 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in ovalarm.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Accept-Language header in an OVABverbose action.
16 CVE-2009-4178 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in OvWebHelp.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Topic parameter.
17 CVE-2009-4177 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long HTTP Host header.
18 CVE-2009-4176 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.
19 CVE-2009-3849 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) a long Template parameter to nnmRptConfig.exe, related to the strcat function; or (2) a long Oid parameter to snmp.exe.
20 CVE-2009-3848 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in nnmRptConfig.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a long Template parameter, related to the vsprintf function.
21 CVE-2009-3847 Exec Code 2009-12-10 2017-08-17
10.0
 None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors.
22 CVE-2009-3846 119 Exec Code Overflow 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
Multiple heap-based buffer overflows in ovlogin.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter.
23 CVE-2009-3845 Exec Code 2009-12-10 2018-10-10
10.0
 None Remote Low Not required Complete Complete Complete
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.
24 CVE-2009-3840 DoS 2009-11-19 2009-11-24
5.0
 None Remote Low Not required None None Partial
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.
25 CVE-2009-0898 119 Exec Code Overflow 2009-12-10 2009-12-19
10.0
 None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted HTTP request.
26 CVE-2008-4562 119 Exec Code Overflow 2009-02-08 2019-10-09
10.0
 None Remote Low Not required Complete Complete Complete
Buffer overflow in the ovlaunch CGI program in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 on Windows allows remote attackers to execute arbitrary code via a crafted Host parameter. NOTE: this issue may be partially covered by CVE-2009-0205.
27 CVE-2008-4560 200 +Info 2009-02-08 2019-10-09
7.8
 None Remote Low Not required Complete None None
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to obtain sensitive information via (1) a crafted request to the nnmRptConfig.exe CGI program, which reveals the pathname of log directories; or (2) a crafted parameter in a request to the ovlaunch.exe CGI program, which reveals configuration details. NOTE: this issue may be partially covered by CVE-2009-0205.
28 CVE-2008-4559 20 Exec Code 2009-02-08 2019-10-09
10.0
 None Remote Low Not required Complete Complete Complete
HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via shell metacharacters in argument fields to the (1) webappmon.exe or (2) OpenView5.exe CGI program. NOTE: this issue may be partially covered by CVE-2009-0205.
Total number of vulnerabilities : 28   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.