ID |
CVE-2009-3845
|
Summary |
The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:hp_ux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:linux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:solaris:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.0.1:*:windows:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*
-
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
cpe:2.3:a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*
|
CVSS |
Base: | 10.0 (as of 10-10-2018 - 19:47) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-Other |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
LOW |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
saint
via4
|
bid | 37261 | description | HP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow | id | net_ovnodemgralarmlangbo | osvdb | 60930 | title | openview_nnm_ovalarm_accept_language | type | remote |
bid | 37261 | description | HP OpenView Network Node Manager ovwebsnmpsrv.exe buffer overflow via jovgraph.exe | id | net_ovwebsnmpsrvbo | osvdb | 60932 | title | openview_nnm_ovwebsnmpsrv_jovgraph | type | remote |
|
Last major update |
10-10-2018 - 19:47 |
Published |
10-12-2009 - 22:30 |
Last modified |
10-10-2018 - 19:47 |