HP OpenView Network Node Manager OVBuildPath Overflow

2012-02-20T00:00:00
ID SAINT:AB5617474F7BE9B629ADCCF2D88D5092
Type saint
Reporter SAINT Corporation
Modified 2012-02-20T00:00:00

Description

Added: 02/20/2012
CVE: CVE-2011-3167
BID: 50471
OSVDB: 76775

Background

HP OpenView Network Node Manager (NNM) is a network monitoring solution based on SNMP.

Problem

User supplied data from the NNM web interface is passed to the OVBuildPath function in ov.dll. This function contains a stack overflow vulnerability that may allow an unauthenticated attacker to take control of the server.

Resolution

No patches are available at this time. Restrict access to the web interface of the NNM server.

References

<http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03054052>
<http://www.zerodayinitiative.com/advisories/ZDI-12-002/>
<http://www.zerodayinitiative.com/advisories/ZDI-12-003/>

Limitations

This exploit has been tested against HP OpenView Network Node Manager 7.53 on Windows Server 2003 SP2 English (DEP OptOut) with KB956802 and KB2393802.

Platforms

Windows