Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в HP OpenView Network Node Manage
Опубликовано:12 мая 2010 г.
Источник:
SecurityVulns ID:10827
Тип:удаленная
Уровень опасности:
5/10
Описание:Уязвимости во многих CGI-приложениях.
Затронутые продукты:HP : OpenView Network Node Manager 7.53
CVE:CVE-2010-1555 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.)
 CVE-2010-1554 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.)
 CVE-2010-1553 (Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.)
 CVE-2010-1552 (Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.)
 CVE-2010-1551 (Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.)
 CVE-2010-1550 (Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.)
Оригинальный текстdocumentZDI, ZDI-10-086: HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution Vulnerability (12.05.2010)
 documentZDI, ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability (12.05.2010)
 documentZDI, ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability (12.05.2010)
 documentZDI, ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability (12.05.2010)
 documentZDI, ZDI-10-081: HP OpenView NNM ovet_demandpoll sel CGI Variable Format String Remote Code Execution Vulnerability (12.05.2010)
 documentZDI, ZDI-10-082: HP OpenView NNM netmon sel CGI Variable Remote Code Execution Vulnerability (12.05.2010)
 documentHP, [security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code (12.05.2010)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород