Lucene search
SztiviZDI-14-338HistoryOct 01, 2014 - 12:00 a.m.
Hewlett-Packard Network Node Manager ovopi.dll Option -T Stack Buffer Overflow Remote Code Execution Vulnerability
2014-10-0100:00:00
sztivi
www.zerodayinitiative.com
24
EPSS
0.968
Percentile
99.7%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsing option -T, the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user.
Related
zdi
zdi
securityvulns
securityvulns
prion
prion
Design/Logic Flaw
2014-09-11 01:55:00
metasploit
metasploit
HP Network Node Manager I PMD Buffer Overflow
2014-09-24 05:22:16
exploitdb
exploitdb
HP Network Node Manager I - PMD Buffer Overflow (Metasploit)
2014-10-02 00:00:00
nessus
nessus
HP Network Node Manager i Remote Code Execution (HPSBMU03075)
2014-12-08 00:00:00
HP Network Node Manager i Remote Code Execution (HPSBMU03075)
2014-09-17 00:00:00
zdt
zdt
HP Network Node Manager I PMD Buffer Overflow Exploit
2014-10-02 00:00:00
nvd
nvd
CVE-2014-2624
2014-09-11 01:55:03
checkpoint_advisories
checkpoint_advisories
HP Network Node Manager I ovopi.dll Buffer Overflow (CVE-2014-2624)
2014-10-14 00:00:00
seebug
seebug
HP Network Node Manager I PMD Buffer Overflow
2014-10-10 00:00:00
cve
cve
CVE-2014-2624
2014-09-11 01:55:03
packetstorm
packetstorm
HP Network Node Manager I PMD Buffer Overflow
2014-09-30 00:00:00
cvelist
cvelist
CVE-2014-2624
2014-09-11 01:00:00