HTTP: HP OpenView Network Node Manager Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the HP OpenView Network Node Manager (NNM). A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the system.
Extended Description
HP OpenView Network Node Manager is prone to multiple buffer-overflow vulnerabilities because it fails to adequately bounds-check user-supplied input before copying it to insufficiently sized buffers. Successfully exploiting these issues may allow an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will likely crash the application. These issues affect HP OpenView Network Node Manager 7.51 with NNM_01168; other versions may also be affected.
Affected Products
Hp openview_network_node_manager
References
BugTraq: 37347 37261 34134 33147 34294 26741
CVE: CVE-2008-0067
URL: http://dvlabs.tippingpoint.com/advisory/TPTI-09-12 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01696729 http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01950877 http://dvlabs.tippingpoint.com/advisory/tpti-09-12 http://h20000.www2.hp.com/bizsupport/techsupport/document.jsp?objectid=c01188923 http://www.zerodayinitiative.com/advisories/zdi-07-071.html
Short Name
HTTP:OVERFLOW:OPENVIEW-NNM-BO
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2007-6204 CVE-2008-0067 CVE-2009-0920 CVE-2009-0921 CVE-2009-4179 HP Manager Network Node OpenView Overflow bid:26741 bid:33147 bid:34134 bid:34294 bid:37261 bid:37347
Release Date
04/27/2010
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Hp
CVSS Score
7.5
10.0