Signature Detail
Short Name |
APP:HPOV:OVJAVALOCALE-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
HP OpenView Network Node Manager OvJavaLocale Buffer Overflow |
Release Date |
2010/09/28 |
Update Number |
1780 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
APP: HP OpenView Network Node Manager OvJavaLocale Buffer Overflow
This signature detects attempts to exploit a known buffer overflow vulnerability in HP OpenView Network Node Manager (NNM). This is due to a boundary error in the webappmon.exe CGI application when processing the OvJavaLocale cookie variable sent in a crafted HTTP request. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code to be injected and executed in the security context of the webappmon.exe process.
Extended Description
HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'webappmon.exe' CGI application fails to adequately validate user-supplied input. Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions. OpenView Network Node Manager 7.51 and 7.53 are vulnerable.
Affected Products
- HP OpenView Network Node Manager 7.51
- HP OpenView Network Node Manager 7.53
References