Thursday, April 03, 2008 1:09 PM
cmosby
HP OpenView Network Node Manager Buffer Overflow Vulnerability - Advisories - Secunia
HP OpenView Network Node Manager Buffer Overflow Vulnerability
Secunia Advisory:
SA29641
Release Date:
2008-04-03
Critical:
Moderately critical
Impact:
System access
Where:
From local network
Solution Status:
Unpatched
Software:
HP OpenView Network Node Manager (NNM) 7.x
Description:
Mati Aharoni has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to a boundary error within ovwparser.dll, which can be exploited to cause a stack-based buffer overflow via an overly long HTTP GET request to ovas.exe on default port 7510/TCP.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 7.51. Other versions may also be affected.
Solution:
Restrict network access to ovas.exe.
Provided and/or discovered by:
Mati Aharoni
Original Advisory:
http://www.offensive-security.com/0day/hp-nnm-ov.py.txt