Executive Summary

Summary
Title HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Informations
Name HPSBMA02563 SSRT100165 First vendor Publication 2010-08-03
Vendor HP Last vendor Modification 2010-08-02
Severity (Vendor) N/A Revision 1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score 9.3 Attack Range Network
Cvss Impact Score 10 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02446520

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 10

ExploitDB Exploits

id Description
2010-08-03 HP OpenView NNM v.7.53 OvJavaLocale Buffer Overflow Vulnerability

OpenVAS Exploits

Date Description
2010-07-26 Name : HP OpenView Network Node Manager Multiple Code Execution Vulnerabilities
File : nvt/gb_hp_openview_nnm_mult_code_exec_vuln.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
66932 HP OpenView Network Node Manager (OV NNM) webappmon.exe OvJavaLocale Cookie V...

Snort® IPS/IDS

Date Description
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18925 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18924 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18923 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18922 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18921 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18920 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18919 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18918 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18917 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18916 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18915 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18914 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18913 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18912 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18911 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18910 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18909 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18908 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18907 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18906 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 18905 - Revision : 6 - Type : SERVER-WEBAPP
2014-01-10 OpenView Network Node Manager cookie buffer overflow attempt
RuleID : 17140 - Revision : 10 - Type : SERVER-WEBAPP

Nessus® Vulnerability Scanner

Date Description
2010-05-17 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_40707.nasl - Type : ACT_GATHER_INFO
2010-05-17 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHSS_40708.nasl - Type : ACT_GATHER_INFO