ID de Prueba:	1.3.6.1.4.1.25623.1.0.902076
Categoría:	Web application abuses
Título:	HP OpenView Network Node Manager Multiple Vulnerabilities
Resumen:	HP OpenView Network Node Manager is prone to multiple vulnerabilities.
Descripción:	Summary: HP OpenView Network Node Manager is prone to multiple vulnerabilities. Vulnerability Insight: The flaws are due to boundary errors, - when creating an error message within 'ovwebsnmpsrv.exe' - within 'getProxiedStorageAddress()' in 'ovutil.dll' - when parsing command line argument variables within 'ovwebsnmpsrv.ex' And an unspecified vulnerability allows remote attackers to cause a denial of service via unknown vectors. Vulnerability Impact: Successful exploitation will allow attacker to cause a buffer overflow via a specially crafted HTTP request to the 'jovgraph.exe' CGI program. Affected Software/OS: HP OpenView Network Node Manager version 7.51 and 7.53 Solution: Apply the patch for OpenView NNM version 7.53. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-1964 BugTraq ID: 40873 http://www.securityfocus.com/bid/40873 Bugtraq: 20100616 ZDI-10-108: HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511854/100/0/threaded HPdes Security Advisory: HPSBMA02537 http://seclists.org/bugtraq/2010/Jun/152 HPdes Security Advisory: SSRT010027 http://www.zerodayinitiative.com/advisories/ZDI-10-108 http://osvdb.org/65552 http://securityreason.com/securityalert/8155 Common Vulnerability Exposure (CVE) ID: CVE-2010-1961 BugTraq ID: 40638 http://www.securityfocus.com/bid/40638 Bugtraq: 20100608 ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511731/100/0/threaded http://marc.info/?l=bugtraq&m=127602909915281&w=2 http://www.zerodayinitiative.com/advisories/ZDI-10-106/ http://www.securitytracker.com/id?1024071 http://secunia.com/advisories/40101 XForce ISS Database: ovnnm-getproxiedstorageaddress-bo(59250) https://exchange.xforce.ibmcloud.com/vulnerabilities/59250 Common Vulnerability Exposure (CVE) ID: CVE-2010-1960 BugTraq ID: 40637 http://www.securityfocus.com/bid/40637 Bugtraq: 20100608 ZDI-10-105: Hewlett-Packard OpenView NNM ovwebsnmpsrv.exe Bad Option Remote Code Execution Vulnerability (Google Search) http://www.securityfocus.com/archive/1/511734/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-10-105/ XForce ISS Database: ovnnm-ovwebsnmpsrv-bo(59249) https://exchange.xforce.ibmcloud.com/vulnerabilities/59249 Common Vulnerability Exposure (CVE) ID: CVE-2010-3285 HPdes Security Advisory: HPSBMA02585 http://marc.info/?l=bugtraq&m=128525454219838&w=2 HPdes Security Advisory: SSRT100256
Copyright	Copyright (C) 2010 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.