Check Point Advisories

Preemptive Protection against HP OpenView Node Manager Remote Code Execution Vulnerability

Check Point Reference: CPAI-2008-129
Date Published: 11 Aug 2008
Severity: Critical
Last Updated: Tuesday 07 October, 2008
Source: Mati Aharoni - Offensive Security
Industry Reference:CVE-2008-1697
Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager version 7.51
HP OpenView Network Node Manager version 7.53
Vulnerability Description HP OpenView Network Node Manager (NNM) is a software application designed for management, maintenance and monitoring of networks and network devices. The application fails to properly check crafted HTTP requests. By sending a specially-crafted overly long HTTP GET request, a remote unauthenticated attacker could overflow a buffer and execute arbitrary code on the target system or cause the application to crash.
Update/Patch AvaliableRefer to:
HP Network Node Manager (NNM) Advanced Edition software
Vulnerability DetailsThe vulnerability is due to an error in the way HP OpenView NNM's OVAS.exe service perfoms bounds checking. An attacker can exploit this issue by crafting an overly long HTTP GET request and sending it to the target host. Successful exploitation of this vulnerability may result in either code execution or system crash.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK