HP Openview Network Node Manager ovwparser.dll buffer overflow

Added: 04/14/2008
CVE: CVE-2008-1697
BID: 28569
OSVDB: 43992

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A vulnerability in ovwparser.dll allows remote attackers to execute arbitrary commands by sending a request for a long, specially crafted URI which is processed by ovas.exe.

Resolution

Apply a fix when available.

References

http://secunia.com/advisories/29641/

Limitations

Exploit works on HP OpenView Network Node Manager 7.51.

Platforms

Windows

Back to exploit index