Executive Summary
Summary | |
---|---|
Title | HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code |
Informations | |||
---|---|---|---|
Name | HPSBMU02712 SSRT100649 | First vendor Publication | 2011-11-01 |
Vendor | HP | Last vendor Modification | 2011-11-01 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to execute arbitrary code under the context of the user running the web server. |
Original Source
Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03054052 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
SAINT Exploits
Description | Link |
---|---|
HP OpenView Network Node Manager OVBuildPath Overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2011-12-14 | Name : HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities File : nvt/gb_hp_openview_nnm_50471.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
76775 | HP OpenView Network Node Manager Unspecified Remote Code Execution (2011-3167) HP OpenView Network Node Manager contains an unspecified flaw that may allow a remote attacker to execute arbitrary code. No further details have been provided. |
76774 | HP OpenView Network Node Manager Unspecified Remote Code Execution (2011-3166) HP OpenView Network Node Manager contains an unspecified flaw that may allow a remote attacker to execute arbitrary code. No further details have been provided. |
76773 | HP OpenView Network Node Manager Unspecified Remote Code Execution (2011-3165) HP OpenView Network Node Manager contains an unspecified flaw that may allow a remote attacker to execute arbitrary code. No further details have been provided. |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2011-11-10 | IAVM : 2011-B-0138 - Multiple Vulnerabilities in HP OpenView Network Node Manager Severity : Category I - VMSKEY : V0030610 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | Hp OpenView CGI parameter buffer overflow attempt RuleID : 31375 - Revision : 3 - Type : SERVER-WEBAPP |
2014-03-06 | HP OpenView CGI parameter buffer overflow attempt RuleID : 29502 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | HP OpenView CGI parameter buffer overflow attempt RuleID : 24693 - Revision : 7 - Type : SERVER-WEBAPP |
2014-01-10 | HP OpenView CGI parameter buffer overflow attempt RuleID : 16674 - Revision : 16 - Type : SERVER-WEBAPP |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2012-03-28 | Name : The version of HP Network Node Manager running on the remote host is affected... File : hp_nnm_multiple_code_execution.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:38:18 |
|