Update Protection against HP OpenView Network Node Manager ovlogin.exe Buffer Overflow
| Check Point Reference: | CPAI-2009-313 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: 37665 | |
| Industry Reference(s): | CVE-2009-3846 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? HP OpenView Network Node Manager (OV NNM) 7.01 HP OpenView Network Node Manager (OV NNM) 7.51 HP OpenView Network Node Manager (OV NNM) 7.53 | ||
| Vulnerability Description A buffer overflow vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in ovlogin.exe, the login process of a CGI application shipped with OpenView NNM. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code injection and execution on the target system. |
||
|
Update/Patch Available HP has released an advisory addressing this vulnerability: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 |
|
|
Vulnerability Details The vulnerability is due to insufficient boundary checking when processing userid and passwd parameters sent in a HTTP request. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server. Successful exploitation could result in execution of arbitrary code. |
Protection Overview
This protection will detect and block HP OpenView CGI binary ovlogin.exe requests with a long username or password parameter.
To configure the defense, select your product from the list below and follow the related protection steps.