exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 3 of 3 RSS Feed

CVE-2010-2709

Status Candidate

Overview

Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long OvJavaLocale value in a cookie.

Related Files

HP NNM CGI webappmon.exe OvJavaLocale Buffer Overflow
Posted Mar 23, 2011
Authored by Nahuel Riva, sinn3r | Site metasploit.com

This Metasploit module exploits a stack-based overflow in HP NNM's webappmon.exe. The vulnerability occurs when a long string of data is sent as OvJavaLocale's cookie value, OvWww.dll fails to properly do any bounds checking before this input is parsed in function OvWwwDebug(), which causes an overflow when sprintf_new() is called.

tags | exploit, overflow
advisories | CVE-2010-2709, OSVDB-66932
SHA-256 | ec5c964f51636ce7ba31b28775d66861ded19652e6b8966cbb73d25ac422b9da
Core Security Technologies Advisory 2010.0608
Posted Aug 5, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - There is a buffer overflow vulnerability in the webappmon.exe CGI application included with HP OpenView NNM. This bug can be exploited by sending a cookie header with a maliciously crafted 'OvJavaLocale' value. Code execution is likely achievable in a reliable way.

tags | exploit, overflow, cgi, code execution
advisories | CVE-2010-2709
SHA-256 | 48e7d6969af75120e25212535b0e4de84aa95958a93d04dd51c78c5ec17eb64f
HP Security Bulletin HPSBMA02563 SSRT100165
Posted Aug 3, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server.

tags | advisory, web, arbitrary
advisories | CVE-2010-2709
SHA-256 | bc287d97a9bfa180171e916bd3e2792b459885e7615497ab4f8b65e777854e22
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    34 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close