HP Openview Network Node Manager Ovalarmsrv buffer overflow

Added: 04/18/2008
CVE: CVE-2008-3544
BID: 28668
OSVDB: 50076

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow vulnerability in the Ovalarmsrv service in Network Node Manager allows remote attackers to execute arbitrary commands.

Resolution

Apply the appropriate patch.

References

http://aluigi.altervista.org/adv/closedview_old-adv.txt

Limitations

Exploit works on HP OpenView Network Node Manager 7.50 for Windows and HP OpenView Network Node Manager 7.01 for Linux.

Platforms

Windows 2000
Windows Server 2003
Linux

Back to exploit index