HP OpenView Network Node Manager Toolbar.exe CGI buffer overflow

Added: 01/09/2009
CVE: CVE-2008-0067
BID: 33147

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by requesting the Toolbar.exe CGI program with a long, specially crafted parameter.

Resolution

Apply a fix when available, or restrict access to the Toolbar.exe CGI program.

References

http://secunia.com/secunia_research/2008-13/

Limitations

Exploit works on HP OpenView Network Node Manager 7.5 on Windows 2000.

Platforms

Windows

Back to exploit index