|Check Point Reference:||CPAI-2014-1742|
|Date Published:||3 Aug 2014|
|Last Updated:||29 Jul 2014|
|Protection Provided by:||
|Who is Vulnerable?|| Hewlett-Packard OpenView Network Node Manager (OV NNM) 7.01 |
Hewlett-Packard OpenView Network Node Manager (OV NNM) 7.51
Hewlett-Packard OpenView Network Node Manager (OV NNM) 7.53
|Vulnerability Description||A buffer overflow vulnerability exists in the HP OpenView Network Node Manager (NNM) CGI program snmpviewer.exe. The vulnerability is due to a boundary error when processing the Host header from HTTP requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code to be injected and executed in the security context of the Internet Guest account.|
This protection will detect and block attempts to exploit this vulnerability.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
- In the IPS tab, click Protections and find the HP OpenView Network Node Manager snmpviewer.exe Host Header Buffer Overflow protection using the Search tool and Edit the protection's settings.
- Install policy on all modules.
SmartView Tracker will log the following entries:
Attack Name: HP Products Protection Violation.
Attack Information: HP OpenView Network Node Manager snmpviewer.exe Host Header Buffer Overflow