Short Name |
APP:HPOV:OALARM-LANG-OF |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Hewlett-Packard OVAlarm OvAcceptLang Overflow |
Release Date |
2010/01/06 |
Update Number |
1581 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in the HP OpenView Network Node Manager. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
HP OpenView Network Node Manager is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting this issue may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. HP OpenView Network Node Manager 7.51, 7.53, and 7.53 with patch NNM_01195 are vulnerable.