Packet Storm

what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow: Posted Dec 10, 2009; Authored by Aaron Portnoy | Site tippingpoint.com; A vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the webappmon.exe CGI application. This process copies the Host header from HTTP requests into a fixed-length buffer located in the .DATA section via a call to strcat(). By specifying a string length within a certain range this buffer can be overflowed leading to arbitrary code execution.; tags | advisory, remote, web, overflow, arbitrary, cgi, code execution; advisories | CVE-2009-4177; SHA-256 | e9285c3564b9a9fed271a5fa68086e36a26f9e7fd64d6783330ec170d71256dd; Download | Favorite | View

Related Files

No related files

Top Authors In Last 30 Days

Red Hat 227 files
indoushka 136 files
Jay Turla 111 files
Ubuntu 63 files
Gentoo 33 files
Debian 27 files
sinn3r 23 files
h00die 23 files
Pedro Ribeiro 21 files
juan vazquez 18 files

File Tags

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (377)
CentOS (58)
Cisco (1,944)
Debian (7,112)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (386)
iPhone (108)
IRIX (220)
Juniper (70)
Linux (50,966)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,661)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,788)
UNIX (9,443)
UnixWare (187)
Windows (6,732)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec