HP OpenView Network Node Manager is network availability and performance management software.
A buffer overflow vulnerability affecting **ovwebsnmpsrv.exe**, in the **stringToSeconds** function in **ovutil.dll**, allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP request.
Apply the appropriate patch.
The exploit works on HP OpenView Network Node Manager 7.53 on Windows Server 2003 with DEP AlwaysOff.
On Windows Server 2003, read and execute privileges on the file **%windir%\system32\cmd.exe** must be granted to the Internet Guest Account **IUSR_<computername>** for the exploit to work properly. Note that users in the **Power Users** group do not have such privileges, but users in the **TelnetClients** group do.
Windows Server 2003