HP OpenView Network Node Manager ovlogin.exe buffer overflow
Added: 12/24/2007CVE: CVE-2007-6204
BID: 26741
OSVDB: 39529
Background
HP OpenView Network Node Manager is network availability and performance management software.Problem
A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sending a long, specially crafted argument to the ovlogin.exe CGI program.Resolution
Apply one of the patches referenced in HPSBMA02281 SSRT061261.References
http://www.zerodayinitiative.com/advisories/ZDI-07-071.htmlLimitations
Exploit works on HP OpenView Network Node Manager 6.41 on Windows 2000.Platforms
WindowsBack to exploit index