Multiple stack-based buffer overflows in the nvd_exec function in HP Radia Notify Daemon 3.1.2.0 (formerly by Novadigm), and other versions including 2.x, 3.x, and 4.x, allows remote attackers to execute arbitrary code via a command with crafted parameters to a RADEXECD process.
http://www.vupen.com/english/advisories/2005/0681
http://securitytracker.com/id?1014089
http://secunia.com/advisories/15567
http://lists.grok.org.uk/pipermail/full-disclosure/2005-June/034394.html