Published: 08/04/2008 Updated: 29/09/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and previous versions allows remote malicious users to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp openview network node manager 7.51
hp openview network node manager
hp openview network node manager 7.0.1

## # $Id: hp_nnm_ovasrb 10660 2010-10-12 18:39:21Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## ## # This should bypass the f ...

#!/usr/bin/python ################################################################################ # HP OpenView NNM 751 OVASEXE Pre Authentication SEH Overflow # Tested on Windows 2003 Server SP1 # Coded by Mati Aharoni # mutsatoffensive-securitycom # wwwoffensive-securitycom/0day/hp-nnm-ovpytxt # [shameless plug] # This vulner ...

CWE-119 http://www.offensive-security.com/0day/hp-nnm-ov.py.txt http://www.securityfocus.com/bid/28569 http://secunia.com/advisories/29641 http://marc.info/?l=bugtraq&m=121553626110871&w=2 http://www.securitytracker.com/id?1019782 http://www.vupen.com/english/advisories/2008/1085/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41600 https://www.exploit-db.com/exploits/5342 https://nvd.nist.gov https://www.exploit-db.com/exploits/16774/

CVE-2008-1697

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect