HP OpenView Network Node Manager OvOSLocale cookie buffer overflow
Added: 03/26/2009
CVE: CVE-2009-0920
Background
HP OpenView Network Node Manager is network availability and performance management software.
Problem
A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted OvOSLocale cookie in an HTTP request for Toolbar.exe.
Resolution
Apply one of the patches referenced in HPSBMA02416 SSRT090008.
References
http://www.securityfocus.com/archive/1/502054
Limitations
Exploit works on HP OpenView Network Node Manager 7.53.
On Windows Server 2003, Read and Execute privileges on the file '%windir%\system32\cmd.exe' must be granted to the Internet Guest Account (IUSR_<computername>) in order for the exploit to succeed. The 'Users' and 'Power Users' groups don't have such privileges, but the 'Administrators' and 'TelnetClients' groups can execute 'cmd.exe'.
The patch KB933729 must be applied on Windows Server 2003 in order to bypass DEP protection.
Platforms
Windows 2000
Windows Server 2003
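
A log check for the request described under Problem, as an added example that is not part of the original advisory: it scans IIS W3C extended logs for Toolbar.exe requests whose OvOSLocale cookie is oversized or contains characters outside a locale name. Assumptions: cookie logging (the cs(Cookie) field) is enabled, the 64-character threshold is a site-tunable guess because the advisory only says "long", and the sample log lines, addresses and URL path are constructed.

```python
import re

MAX_LOCALE_LEN = 64  # assumption: the advisory only says "long"; tune per site

def parse_w3c(lines):
    """Yield one dict per request, taking column names from the #Fields directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#"):
            values = line.split(" ")
            if len(values) == len(fields):
                yield dict(zip(fields, values))

def cookie_value(header, name):
    """Return the value of cookie `name` from a logged Cookie header, or None."""
    # IIS logs spaces as '+'; individual cookies are separated by ';'.
    for part in header.replace("+", " ").split(";"):
        key, sep, value = part.strip().partition("=")
        if sep and key == name:
            return value
    return None

def suspicious_requests(lines, max_len=MAX_LOCALE_LEN):
    """Return (client ip, cookie length, odd-characters flag) for flagged requests."""
    hits = []
    for req in parse_w3c(lines):
        if req.get("cs-uri-stem", "").lower().rsplit("/", 1)[-1] != "toolbar.exe":
            continue
        value = cookie_value(req.get("cs(Cookie)", "-"), "OvOSLocale")
        if value is None:
            continue
        odd = bool(re.search(r"[^\w.\- @]", value))  # not a plain locale name
        if len(value) > max_len or odd:
            hits.append((req.get("c-ip", "-"), len(value), odd))
    return hits

# Constructed sample log; "/placeholder/" stands in for the real CGI directory.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem sc-status cs(Cookie)",
    "2009-03-27 10:00:01 192.0.2.10 GET /placeholder/Toolbar.exe 200 OvOSLocale=English_United+States.1252",
    "2009-03-27 10:00:05 192.0.2.66 GET /placeholder/Toolbar.exe 500 OvOSLocale=" + "A" * 300 + ";+x=1",
    "2009-03-27 10:00:09 192.0.2.10 GET /placeholder/index.html 200 -",
]

if __name__ == "__main__":
    print(suspicious_requests(SAMPLE_LOG))
```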