Signature Detail
Short Name |
APP:HPOV:OALARM-LANG-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Hewlett-Packard OVAlarm OvAcceptLang Overflow |
Release Date |
2010/01/06 |
Update Number |
1581 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: Hewlett-Packard OVAlarm OvAcceptLang Overflow
This signature detects attempts to exploit a known vulnerability in the HP OpenView Network Node Manager. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
HP OpenView Network Node Manager is prone to a heap-based buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting this issue may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. HP OpenView Network Node Manager 7.51, 7.53, and 7.53 with patch NNM_01195 are vulnerable.
Affected Products
- HP OpenView Network Node Manager 7.0.0.1
- HP OpenView Network Node Manager 7.0.0.1 HP-UX 11.X
- HP OpenView Network Node Manager 7.0.0.1 Linux
- HP OpenView Network Node Manager 7.0.0.1 Solaris
- HP OpenView Network Node Manager 7.0.0.1 Windows 2000/XP
- HP OpenView Network Node Manager 7.01
- HP OpenView Network Node Manager 7.51
- HP OpenView Network Node Manager 7.53
- HP OpenView Network Nod Manager 7.53 patch NNM_01195
References
- BugTraq: 37347
- BugTraq: 34134
- CVE: CVE-2009-4179
- CVE: CVE-2009-0921
- CVE: CVE-2009-4179