CVE-2009-4176

2009-12-1022:30:00

CWE-119

web.nvd.nist.gov

cve-2009-4176

hp openview

network node manager

buffer overflow

remote code execution

nvd

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.776

Percentile

98.2%

JSON

Multiple heap-based buffer overflows in ovsessionmgr.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via a long (1) userid or (2) passwd parameter to ovlogin.exe.

Affected configurations

Nvd

Node

hpopenview_network_node_managerMatch7.0.1hp_ux

hpopenview_network_node_managerMatch7.0.1linux

hpopenview_network_node_managerMatch7.0.1solaris

hpopenview_network_node_managerMatch7.0.1windows

hpopenview_network_node_managerMatch7.51-hp-ux

hpopenview_network_node_managerMatch7.51-linux

hpopenview_network_node_managerMatch7.51-solaris

hpopenview_network_node_managerMatch7.51-windows

hpopenview_network_node_managerMatch7.53-hp-ux

hpopenview_network_node_managerMatch7.53-linux

hpopenview_network_node_managerMatch7.53-solaris

hpopenview_network_node_managerMatch7.53-windows

VendorProductVersionCPE
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
hpopenview_network_node_manager7.0.1cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
hpopenview_network_node_manager7.51cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
hpopenview_network_node_manager7.53cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
hpopenview_network_node_manager7.53cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*

Vendor	Product	Version	CPE
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::hp_ux:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::linux:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::solaris:::::
hp	openview_network_node_manager	7.0.1	cpe:2.3:a:hp:openview_network_node_manager:7.0.1::windows:::::
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:::::*
hp	openview_network_node_manager	7.51	cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:::::*
hp	openview_network_node_manager	7.53	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:::::*
hp	openview_network_node_manager	7.53	cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:::::*