Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-6204

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-6204
Last Modified 06 Sep 2011 12:00:00
Published 13 Dec 2007 04:46:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-6204

Summary

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to execute arbitrary code via unspecified long arguments to (1) ovlogin.exe, (2) OpenView5.exe, (3) snmpviewer.exe, and (4) webappmon.exe, as demonstrated via a long Action parameter to OpenView5.exe.

Vulnerable Systems

Application

  • Hp Openview Network Node Manager 6.41

  • Hp Openview Network Node Manager 7.0.1

  • Hp Openview Network Node Manager 7.51


References

BID - 26741

XF - hpopenview-nnm-unspecified-code-execution(38892)

MISC - http://www.zerodayinitiative.com/advisories/ZDI-07-071.html

VUPEN - ADV-2007-4111

SECTRACK - 1019055

BUGTRAQ - 20071206 ZDI-07-071: HP OpenView Network Node Manager Multiple CGI Buffer Overflows

MILW0RM - 4724

SREASON - 3441

SECUNIA - 27964

HP - HPSBMA02281

HP - SSRT061261


Last Updated: 27 May 2016 10:47:27