Check Point Advisories

Update Protection against HP OpenView Network Node Manager ovalarmsrv Integer Overflow

Check Point Reference: CPAI-2009-083
Date Published: 8 May 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA31672
Industry Reference:

CVE-2008-2438

Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager (OV NNM) 7.01
HP OpenView Network Node Manager (OV NNM) 7.51
HP OpenView Network Node Manager (OV NNM) 7.53
Vulnerability Description HP OpenView Network Node Manager (NNM) is a software application designed for management, maintenance and monitoring of networks and network devices. The application fails to properly validate maliciously crafted requests. By sending a crafted request, a remote unauthenticated attacker could overflow a buffer and execute arbitrary code on the target system.
Update/Patch AvaliableHP has released an advisory:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01723303
Vulnerability DetailsThe vulnerability specifically exists in OpenView Network Node Manager ovalarmsrv.exe program which is installed by default with HP OpenView to listen for client requests. An attacker can trigger the vulnerability by sending crafted requests to the ovalarmsrv.exe.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK