APP: Hewlett-Packard OpenView OVTrace Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the Hewlett-Packard OpenView. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the super user.
Extended Description
HP OpenView applications are prone to multiple remote stack-based buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on input that is supplied to opcode handlers of affected services. These vulnerabilities affect the 'ovtrcsvc.exe' and the 'OVTrace.exe' service. Attackers can exploit these issues to execute arbitrary code with superuser privileges.
Affected Products
Hp openview_service_desk_process_insight
Short Name
APP:HPOV:OVTRACE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
APP
Keywords
Buffer CVE-2007-3872 Hewlett-Packard OVTrace OpenView Overflow bid:25255
Release Date
12/12/2007
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3729
Port
TCP/5051,5053
False Positive
Unknown
Vendors
Hp
CVSS Score
6.8