HP OpenView Network Node Manager 6.10 - SNMP Denial of Service

source: https://www.securityfocus.com/bid/1713/info

The OverView5 CGI interface by default is shipped with HP Openview Node Manager.

HP Openview Node Manager can be compromised due to an unchecked buffer. By sending a specially crafted GET request comprised of 136 bytes to the web services (default port 80) through the Overview5 CGI interface, the SNMP service will crash.

Successful exploitation, depending on the data entered, will allow the execution of arbitrary code.

http://target/OvCgi/OpenView5.exe?Context=Snmp&Action=Snmp&Host=&Oid=<string of characters consisting of 136 bytes>