SAINT CorporationSAINT:1B3DC2DC93CA32D821F922E364385055HP OpenView Network Node Manager OVBuildPath Overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.4%
Added: 02/20/2012
CVE: CVE-2011-3167
BID: 50471
OSVDB: 76775
Background
HP OpenView Network Node Manager (NNM) is a network monitoring solution based on SNMP.
Problem
User supplied data from the NNM web interface is passed to the OVBuildPath function in ov.dll. This function contains a stack overflow vulnerability that may allow an unauthenticated attacker to take control of the server.
Resolution
No patches are available at this time. Restrict access to the web interface of the NNM server.
References
<http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03054052>
<http://www.zerodayinitiative.com/advisories/ZDI-12-002/>
<http://www.zerodayinitiative.com/advisories/ZDI-12-003/>
Limitations
This exploit has been tested against HP OpenView Network Node Manager 7.53 on Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802.
Platforms
Windows
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.4%