Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2009-4181 | First vendor Publication | 2009-12-10 |
Vendor | Cve | Last vendor Modification | 2018-10-10 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Stack-based buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via vectors involving the sel and arg parameters to jovgraph.exe. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4181 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe | More info here |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
60932 | HP OpenView Network Node Manager (OV NNM) ovwebsnmpsrv.exe CGI sel Parameter ... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2009-12-17 | IAVM : 2009-B-0065 - Multiple Vulnerabilities in HP OpenView Network Node Manager Severity : Category I - VMSKEY : V0022105 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflo... RuleID : 16713 - Revision : 4 - Type : SERVER-WEBAPP |
2014-01-10 | HP OpenView Network Node Manager ovwebsnmpsrv.exe OVwSelection buffer overflo... RuleID : 16712 - Revision : 4 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-05-10 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_40705.nasl - Type : ACT_GATHER_INFO |
2009-12-14 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_40374.nasl - Type : ACT_GATHER_INFO |
2009-12-14 | Name : The remote HP-UX host is missing a security-related patch. File : hpux_PHSS_40375.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2021-05-04 12:10:33 |
|
2021-04-22 01:11:02 |
|
2020-05-23 00:24:40 |
|
2018-10-11 00:19:43 |
|
2017-08-17 09:22:48 |
|
2016-04-26 19:17:45 |
|
2014-02-17 10:52:34 |
|
2014-01-19 21:26:23 |
|
2013-11-11 12:38:28 |
|
2013-05-11 00:01:58 |
|