HP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil.dll stringToSeconds Buffer Overflow

Added: 05/23/2011
CVE: CVE-2011-0262
BID: 45762
OSVDB: 70470

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow vulnerability affecting ovwebsnmpsrv.exe, in the stringToSeconds function in ovutil.dll, allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP request.

Resolution

Apply the appropriate patch.

References

http://www.zerodayinitiative.com/advisories/ZDI-11-004/

Limitations

Exploit works on HP OpenView Network Node Manager 7.53 on Windows Server 2003 with DEP AlwaysOff.

On Windows Server 2003, read and execute privileges on the file %windir%\system32\cmd.exe must be granted to the Internet Guest Account IUSR_<computername> for the exploit to work properly. Note that users in the Users and Power Users groups do not have such privileges, but users in the Administrators and TelnetClients groups do.

Platforms

Windows Server 2003

Back to exploit index