Lucene search

SAINT CorporationSAINT:0E035358E20C1980A990A7E79882A47F

HistoryAug 16, 2007 - 12:00 a.m.

HP OpenView Operations OVTrace buffer overflow

2007-08-1600:00:00

SAINT Corporation

my.saintcorporation.com

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.8%

JSON

Added: 08/16/2007
CVE: CVE-2007-3872
BID: 25255
OSVDB: 39527

Background

HP OpenView Operations is event management and performance monitoring software.

Problem

A buffer overflow vulnerability in HP OpenView Operations allows remote attackers to execute arbitrary commands by sending a specially crafted request to the OVTrace service.

Resolution

See TPTI-07-14 for fix information.

References

<http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574>

Limitations

Exploit works on HP OpenView Internet Service (OVIS) 6.00.081.

Platforms

Windows 2000
Windows Server 2003

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.915 High

EPSS

Percentile

98.8%

JSON

Related for SAINT:0E035358E20C1980A990A7E79882A47F