Update Protection against HP OpenView Network Node Manager rping Stack Buffer Overflow
| Check Point Reference: | CPAI-2009-201 |
| Date Published: | |
| Severity: | |
| Source: | Secunia Advisory: 35408 |
| Industry Reference(s): | |
| Protection Provided by: | IPS-1 |
Who is Vulnerable?
HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.53 prior to rev. 1.30.009
Vulnerability Description
A buffer overflow vulnerability exists in HP Network Node Manager, a software application designed for management, maintenance and monitoring of networks and network devices. The flaw is due to a boundary error when processing crafted packets sent to the server. Remote attackers could exploit this vulnerability by sending a crafted HTTP request to the affected TCP port. The vulnerability could allow remote attackers to execute arbitrary code on a vulnerable system.
Vulnerability Details
The vulnerability exists due to insufficient boundary checks when handling overly long hostname values. Remote attackers could exploit this vulnerability by sending a carefully crafted packet to a vulnerable HP OpenView Network Node Manager server.
Protection Overview
By enabling this protection, IPS-1 will detect and block CGI requests to the HP OpenView server's rping utility with invalid hostnames.
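The check described above, sketched as an added example (not Check Point's IPS-1 signature and not HP's code): it flags request lines aimed at an rping script whose query values are not bounded, well-formed hostnames. The path `/cgi-bin/rping-placeholder`, the parameter name `target` and the function names are assumptions, since the page does not give the real ones.

```python
import re
from urllib.parse import urlsplit, parse_qsl

MAX_HOSTNAME_LEN = 253  # upper bound on a full DNS host name
# One DNS label: 1-63 letters, digits or hyphens, no leading/trailing hyphen.
LABEL_RE = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def is_valid_hostname(value):
    """True for a bounded RFC 1123 host name or dotted IPv4 address."""
    if not value or len(value) > MAX_HOSTNAME_LEN:
        return False
    host = value[:-1] if value.endswith(".") else value
    return all(LABEL_RE.fullmatch(label) for label in host.split("."))

def inspect_request_line(request_line, cgi_marker="rping"):
    """Return (verdict, reason) for one HTTP request line."""
    _method, _, rest = request_line.strip().partition(" ")
    # Drop the trailing HTTP version if present; keep raw spaces in the target.
    target = rest.rpartition(" ")[0] or rest
    try:
        url = urlsplit(target)
        params = parse_qsl(url.query, keep_blank_values=True)  # percent-decodes
    except ValueError:
        return ("block", "unparseable request target")
    script = url.path.rsplit("/", 1)[-1].lower()
    if cgi_marker not in script:
        return ("allow", "not an rping request")
    # Assumption: every query value sent to the rping script is a hostname.
    for name, value in params:
        if not is_valid_hostname(value):
            return ("block", f"{name}: invalid hostname, {len(value)} chars")
    return ("allow", "hostname values are well formed")

# Constructed sample request lines; path and parameter name are placeholders.
SAMPLES = [
    "GET /cgi-bin/rping-placeholder?target=router1.example.net HTTP/1.0",
    "GET /cgi-bin/rping-placeholder?target=" + "A" * 600 + " HTTP/1.0",
    "GET /cgi-bin/rping-placeholder?target=host%3Bname HTTP/1.0",
    "GET /index.html?q=" + "A" * 600 + " HTTP/1.0",
]

if __name__ == "__main__":
    for line in SAMPLES:
        verdict, reason = inspect_request_line(line)
        print(f"{verdict:5}  {reason:40}  {line[:60]}")
```

Only the request line is inspected here; a request that carries the hostname in a POST body would need the same validation applied to the body parameters.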
To configure the defense, select your product from the list below and follow the related protection steps.