Computer Security
[EN] securityvulns.ru no-pyccku


HP OpenView Network Node Manager code excution
Published:14.06.2008
Source:
SecurityVulns ID:9084
Type:remote
Threat Level:
6/10
Description:Integer overflow on TCP/8886 request parsing.
Affected:HP : OpenView Network Node Manager 7.53
CVE:CVE-2008-1842 (Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 7.53 and earlier allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.)
Original documentdocumentHP, [security bulletin] HPSBMA02340 SSRT080024, SSRT080041 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) (14.06.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod