Check Point Advisories

Preemptive Protection against HP OpenView Network Node Manager webappmon.exe execvp_nc Buffer Overflow

Check Point Reference: CPAI-2010-144
Date Published: 24 Aug 2010
Severity: Critical
Last Updated: Friday 01 January, 2010
Source: Secunia Advisory SA40686
Industry Reference:CVE-2010-2703
Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager (OV NNM) 7.51
HP OpenView Network Node Manager (OV NNM) 7.53
Vulnerability Description A vulnerability has been reported in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error when processing maliciously crafted HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially resulting in remote code execution.
Update/Patch AvaliableVendor's advisory.
Vulnerability DetailsThe vulnerability is caused due to a boundary error within the "execvp_nc()" function in ov.dll when copying strings from an HTTP request using the "strcat_new()" function.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK