Check Point Advisories

Update Protection against HP OpenView Network Node Manager HTTP Handling Buffer Overflow Vulnerability

Check Point Reference: CPAI-2008-112
Date Published: 9 May 2008
Severity: Critical
Last Updated: Sunday 03 August, 2008
Source: Secunia Advisory: SA29641
Industry Reference:CVE-2008-1697
Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager 7.51
Vulnerability Description A buffer overflow vulnerability has been discovered in HP OpenView Network Node Manager. The Network Node Manager (NNM) is an HP OpenView product which manages networks. It determines and displays physical and logical connectivity in networks, as well as information referring to protocols running over the network. A remote attacker may exploit this issue to execute arbitrary code on a vulnerable system.
Vulnerability DetailsThe vulnerability is due to a boundary error in HP OpenView Network Node Manager that fails to properly process overly long HTTP GET requests. In order to exploit this vulnerability, an attacker can send a specially crafted HTTP request to a vulnerable host. Successful exploitation may allow the attacker to inject and execute arbitrary code on the target system.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK