Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:4392D9DBF1539FE732D6E2C654B565B5
HistoryDec 24, 2007 - 12:00 a.m.

HP OpenView Network Node Manager ovlogin.exe buffer overflow

2007-12-2400:00:00
SAINT Corporation
download.saintcorporation.com
9

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.518

Percentile

97.6%

JSON

Added: 12/24/2007
CVE: CVE-2007-6204
BID: 26741
OSVDB: 39529

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sending a long, specially crafted argument to the **ovlogin.exe** CGI program.

Resolution

Apply one of the patches referenced in HPSBMA02281 SSRT061261.

References

<http://www.zerodayinitiative.com/advisories/ZDI-07-071.html&gt;

Limitations

Exploit works on HP OpenView Network Node Manager 6.41 on Windows 2000.

Platforms

Windows

Related

packetstorm 2
saint 3
securityvulns 3
exploitdb 2
cve 1
metasploit 1
zdi 1
nvd 1
prion 1
cvelist 1
nessus 5
checkpoint_advisories 1
packetstorm
packetstorm
HP OpenView Network Node Manager CGI Buffer Overflow
2009-11-26 00:00:00
HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
2009-12-31 00:00:00
saint
saint
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
HP OpenView Network Node Manager ovlogin.exe buffer overflow
2007-12-24 00:00:00
securityvulns
securityvulns
[security bulletin] HPSBMA02281 SSRT061261 rev.1 - HP OpenView Network Node Manager &#40;OV NNM&#41; Remote Unauthorized Execution of Arbitrary Code
2007-12-07 00:00:00
ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows
2007-12-07 00:00:00
HP OpenView Network Node Manager multiple CGI buffer overflow
2008-04-15 00:00:00
exploitdb
exploitdb
HP OpenView Network Node Manager 07.50 - CGI Remote Buffer Overflow
2007-12-12 00:00:00
HP OpenView Network Node Manager (OV NNM) - &#039;OpenView5.exe&#039; CGI Buffer Overflow (Metasploit)
2010-05-09 00:00:00
cve
cve
CVE-2007-6204
2007-12-13 21:46:00
metasploit
metasploit
HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
2009-12-15 05:41:29
zdi
zdi
Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities
2007-12-06 00:00:00
nvd
nvd
CVE-2007-6204
2007-12-13 21:46:00
prion
prion
Stack overflow
2007-12-13 21:46:00
cvelist
cvelist
CVE-2007-6204
2007-12-13 21:00:00
nessus
nessus
HP OpenView Network Node Manager Multiple CGI Remote Overflows
2007-12-07 00:00:00
HP-UX PHSS_36902 : s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17
2007-10-03 00:00:00
HP-UX PHSS_36901 : s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17
2007-10-03 00:00:00
checkpoint_advisories
checkpoint_advisories
HP OpenView Network Node Manager CGI programs HTTP Request Buffer Overflow (CVE-2007-6204; CVE-2008-0067)
2009-12-06 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.518

Percentile

97.6%

JSON
Related for SAINT:4392D9DBF1539FE732D6E2C654B565B5
packetstorm2saint3securityvulns3exploitdb2cve1metasploit1zdi1nvd1prion1cvelist1nessus5checkpoint_advisories1