Check Point Advisories

Preemptive Protection against HP OpenView Network Node Manager snmpviewer.exe Host Header Buffer Overflow

Check Point Reference: CPAI-2009-310
Date Published: 23 Dec 2009
Severity: Critical
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory:  SA37665
Industry Reference:CVE-2009-4180
Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager (OV NNM) 7.01
HP OpenView Network Node Manager (OV NNM) 7.51
HP OpenView Network Node Manager (OV NNM) 7.53
Vulnerability Description A buffer overflow vulnerability exists in the HP OpenView Network Node Manager (NNM) CGI program snmpviewer.exe. The vulnerability is due to a boundary error when processing the Host header from HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code injection and execution. 
Update/Patch AvaliableHP has released an advisory addressing this vulnerability:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877
Vulnerability DetailsHP OpenView Network Node Manager (NNM) supplies several CGI applications to provide management interface of the NNM server. The vulnerability is caused by insufficient boundary checking when handling the Host HTTP header.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK