what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2007-6204

Status Candidate

Overview

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.

Related Files

HP OpenView Network Node Manager OpenView5.exe CGI Buffer Overflow
Posted Dec 31, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2007-6204
SHA-256 | 66583a0594555d5fbb4ef434ba4d8cbbf81f63ce0361f95c46aa5ece2a9e0693
HP OpenView Network Node Manager CGI Buffer Overflow
Posted Nov 26, 2009
Authored by MC | Site metasploit.com

This Metasploit module exploits a stack overflow in HP OpenView Network Node Manager 7.50. By sending a specially crafted CGI request, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2007-6204
SHA-256 | b4689c38e3d87c7a12a78c691f992acbfe300a075e3b6d9d4d74c5b9340d426f
Zero Day Initiative Advisory 07-071
Posted Dec 8, 2007
Authored by Tipping Point, Tenable Network Security | Site zerodayinitiative.com

Vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard (HP) OpenView Network Node Manager (NNM). Authentication is not required to exploit these vulnerabilities. The specific flaws exists within the CGI applications that handle the management of the NNM server. Due to lack of bounds checking during a call to sprintf(), sending overly long arguments to the various CGI variables result in a classic stack overflow leading to compromise of the remote server. Exploitation leads to code execution running under the credentials of the web server. Further techniques can be leveraged to gain full SYSTEM access. OpenView Network Node Manager versions 7.51 and below are affected.

tags | advisory, remote, web, overflow, arbitrary, cgi, vulnerability, code execution
advisories | CVE-2007-6204
SHA-256 | af2e7b4fea5306f492b6105526815249c897430e2fe51c525fc855c05e67e2ab
HP Security Bulletin 2006-12.61
Posted Dec 7, 2007
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server.

tags | advisory, arbitrary
advisories | CVE-2007-6204
SHA-256 | 029a0f3fd7171b8536b858427c5670d37a6d74557751914c81be9382c19474c9
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close