Lucene search
SztiviZDI-14-340HistoryOct 01, 2014 - 12:00 a.m.
Hewlett-Packard Network Node Manager ovopi.dll Option -L Remote Code Execution Vulnerability
2014-10-0100:00:00
sztivi
www.zerodayinitiative.com
14
0.971 High
EPSS
Percentile
99.8%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within ovopi.dll which listens by default on a UDP port 696. When parsing option -L, the process blindly copies user supplied data into a fixed-length buffer allowing for an arbitrary write to occur. A remote attacker can abuse this to execute remote code under the context of the SYSTEM user.
Related
zdi
zdi
packetstorm
packetstorm
HP Network Node Manager I PMD Buffer Overflow
2014-09-30 00:00:00
checkpoint_advisories
checkpoint_advisories
HP Network Node Manager I ovopi.dll Command 685 Memory Corruption (CVE-2014-2624)
2014-12-04 00:00:00
HP Network Node Manager I ovopi.dll Buffer Overflow (CVE-2014-2624)
2014-10-14 00:00:00
cvelist
cvelist
CVE-2014-2624
2014-09-11 01:00:00
nessus
nessus
HP Network Node Manager i Remote Code Execution (HPSBMU03075)
2014-09-17 00:00:00
HP Network Node Manager i Remote Code Execution (HPSBMU03075)
2014-12-08 00:00:00
securityvulns
securityvulns
zdt
zdt
HP Network Node Manager I PMD Buffer Overflow Exploit
2014-10-02 00:00:00
nvd
nvd
CVE-2014-2624
2014-09-11 01:55:03
prion
prion
Design/Logic Flaw
2014-09-11 01:55:00
cve
cve
CVE-2014-2624
2014-09-11 01:55:03