Showing 1 - 3 of 3

CVE-2010-1964

Status Candidate

Overview

Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via unspecified parameters to jovgraph.exe, aka ZDI-CAN-683.

Related Files

HP OpenView Network Node Manager ovwebsnmpsrv.exe main Buffer Overflow: Posted Mar 24, 2011; Authored by jduck | Site metasploit.com; This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM_01203. By specifying a long 'arg' parameter when executing the 'jovgraph.exe' CGI program, an attacker can cause a stack-based buffer overflow and execute arbitrary code. This vulnerability is triggerable via either a GET or POST request. The buffer being written to is 1024 bytes in size. It is important to note that this vulnerability must be exploited by overwriting SEH. Otherwise, CVE-2010-1961 is triggered! The vulnerable code is within the "main" function within "ovwebsnmpsrv.exe" with a timestamp prior to April 7th, 2010. There are no stack cookies, so exploitation is easily achieved by overwriting SEH structures. There exists some unreliability when running this exploit. It is not completely clear why at this time, but may be related to OVWDB or session management. Also, on some attempts OV NNM may report invalid characters in the URL. It is not clear what is causing this either.; tags | exploit, overflow, arbitrary, cgi; advisories | CVE-2010-1964, OSVDB-65552; SHA-256 | 6b4d95471d68cca9d3ef11a5eae191b4a98a078054233598f568e7012765400b; Download | Favorite | View

HP NNM 7.53 ovwebsnmpsrv.exe Buffer Overflow: Posted Jul 7, 2010; Authored by bitform; HP NNM version 7.53 suffers from a buffer overflow vulnerability in ovwebsnmpsrv.exe.; tags | exploit, overflow; advisories | CVE-2010-1964; SHA-256 | 6eeaab66bff0c4a05ace7074273ab99bbee5174fa6079fd37637c4ceb165dd30; Download | Favorite | View

Zero Day Initiative Advisory 10-108: Posted Jun 17, 2010; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 10-108 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovwebsnmpsrv.exe process which can be reached remotely through the jovgraph.exe CGI program. By supplying overly large values to variables passed through an HTTP request a strcpy call within the main() function can be made to overflow a static buffer. An attacker can leverage this to execute arbitrary code under the context of the user running the webserver.; tags | advisory, remote, web, overflow, arbitrary, cgi; advisories | CVE-2010-1964; SHA-256 | 00278e85899dd283e140d40875be47b96c833e538416bebb14d77122837ee655; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 287 files
Ubuntu 60 files
Debian 32 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
liquidsky 3 files
kai6u 3 files
malvuln 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2010-1964

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems