|
Feeds -
Exploits
|
|
Written by Luigi Auriemma
|
|
Friday, 20 March 2009 23:07 |
HP OpenView Network Node Manager 'ovspmd' Buffer Overflow Vulnerability
-\\Bugtraq ID:
28689
-\\Class:
Boundary Condition Error
-\\CVE:
CVE-2008-1842
-\\Remote:
Yes
-\\Local:
No
-\\Published:
Apr 08 2008 12:00AM
-\\Updated:
Mar 20 2009 05:06PM
-\\Credit:
Luigi Auriemma
-\\Vulnerable:
HP OpenView Network Node Manager 7.53
HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.01
-\\Discussion
HP OpenView Network Node Manager is prone to a buffer-overflow vulnerability.
Successfully exploiting this issue allows remote attackers to execute arbitrary code in the context
of the Network Node Manager process. This facilitates the remote compromise of affected computers.
Network Node Manager 7.53 running on Microsoft Windows is affected by this issue; other versions
and platforms may also be vulnerable.
-\\Exploit(s)/PoC(s):
The following exploit code is available:
============================
http://www.securityfocus.com/data/vulnerabilities/exploits/28689.zip
-\\Solution
The vendor has released an advisory and fixes. Please see the references for more information.
-\\References(s)
--HP OpenView Network Node Manager Product Page
http://www.openview.hp.com/products/nnm (HP)
--[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.1 - HP OpenView Netwo
http://www.securityfocus.com/archive/1/49322 (
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
)
--[security bulletin] HPSBMA02338 SSRT080024, SSRT080041 rev.2 - HP OpenView Netwo
http://www.securityfocus.com/archive/1/49378 (
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
)
--Re: Multiple vulnerabilities in HP OpenView NNM 7.53
http://www.securityfocus.com/archive/1/49058 (Luigi Auriemma <
This e-mail address is being protected from spambots. You need JavaScript enabled to view it
>)
|
