Update Protection against HP OpenView Network Node Manager ovalarmsrv Integer Overflow
| Check Point Reference: | CPAI-2009-083 | |
| Date Published: | ||
| Preemptive Since: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA31672 | |
| Industry Reference(s): | ||
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? HP OpenView Network Node Manager (OV NNM) 7.01 HP OpenView Network Node Manager (OV NNM) 7.51 HP OpenView Network Node Manager (OV NNM) 7.53 | ||
| Vulnerability Description HP OpenView Network Node Manager (NNM) is a software application designed for management, maintenance and monitoring of networks and network devices. The application fails to properly validate maliciously crafted requests. By sending a crafted request, a remote unauthenticated attacker could overflow a buffer and execute arbitrary code on the target system. |
||
|
Update/Patch Available HP has released an advisory: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01723303 |
|
|
Vulnerability Details The vulnerability specifically exists in OpenView Network Node Manager ovalarmsrv.exe program which is installed by default with HP OpenView to listen for client requests. An attacker can trigger the vulnerability by sending crafted requests to the ovalarmsrv.exe. |
Protection Overview By enabling this protection, IPS-1 will detect and block invalid requests to the HP OpenView ovalarmsrv process.
To configure the defense, select your product from the list below and follow the related protection steps.