Wednesday, April 09, 2008 2:03 PM cmosby

HP OpenView Network Node Manager ovspmd.exe Buffer Overflow - Advisories - Secunia

 


Secunia Advisory:
SA29713

Release Date:
2008-04-09

Critical:
Moderately critical

Impact:
DoS
System access

Where:
From local network

Solution Status:
Unpatched

Software:
HP OpenView Network Node Manager (NNM) 7.x

Description:
Luigi Auriemma has discovered a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

The vulnerability is caused by an input validation error within ovspmd.exe and can be exploited to cause a heap-based buffer overflow by sending a specially crafted, overly long packet to the default port 8886/TCP.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in versions 7.53 and 7.51. Other versions may also be affected.

Solution:
Restrict network access to ovspmd.exe.
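
One way to check that the restriction is actually in effect, as an added example that is not part of the Secunia advisory: audit firewall connection records for accepted traffic to 8886/TCP from sources outside a management allowlist. The log format, the addresses and the allowlist ranges are assumptions constructed for illustration.

```python
import ipaddress

NNM_PORT = 8886  # default ovspmd.exe port named in the advisory

# Assumption: only these sources may reach ovspmd.exe (placeholder ranges).
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.50.0/28"),
                   ipaddress.ip_network("127.0.0.0/8")]

# Constructed sample records: time, src, dst, proto, dport, action
SAMPLE_LOG = """\
2008-04-09T14:01:07 10.0.50.4 10.0.60.10 tcp 8886 ACCEPT
2008-04-09T14:02:11 10.0.77.23 10.0.60.10 tcp 8886 ACCEPT
2008-04-09T14:02:15 10.0.77.23 10.0.60.10 tcp 8886 DROP
2008-04-09T14:03:40 10.0.77.23 10.0.60.10 tcp 443 ACCEPT
2008-04-09T14:04:02 192.0.2.9 10.0.60.10 udp 8886 ACCEPT
malformed line
"""

def is_allowed(src):
    """True if the source address falls inside an allowlisted network."""
    addr = ipaddress.ip_address(src)  # raises ValueError on a bad address
    return any(addr in net for net in ALLOWED_SOURCES)

def audit(log_text):
    """Return (violations, skipped).

    violations: accepted TCP flows to NNM_PORT from non-allowlisted sources.
    skipped: line numbers that could not be parsed, so gaps are visible.
    """
    violations, skipped = [], []
    for n, line in enumerate(log_text.splitlines(), 1):
        try:
            ts, src, dst, proto, dport, action = line.split()
            dport = int(dport)
            allowed = is_allowed(src)
        except ValueError:
            skipped.append(n)
            continue
        if (proto.lower() == "tcp" and dport == NNM_PORT
                and action.upper() == "ACCEPT" and not allowed):
            violations.append((ts, src, dst))
    return violations, skipped

if __name__ == "__main__":
    found, bad_lines = audit(SAMPLE_LOG)
    for ts, src, dst in found:
        print(f"{ts} {src} -> {dst}:{NNM_PORT}/tcp accepted, not allowlisted")
    print("unparsed lines:", bad_lines)
```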

Provided and/or discovered by:
Luigi Auriemma

Original Advisory:
http://aluigi.altervista.org/adv/closedview-adv.txt

Source: HP OpenView Network Node Manager ovspmd.exe Buffer Overflow - Advisories - Secunia
