Lucene search

K
saintSAINT CorporationSAINT:EB5CC2178A48D85450DEA40F8E9B5362
HistoryMar 23, 2009 - 12:00 a.m.

HP OpenView Network Node Manager OpenView5.exe buffer overflow

2009-03-2300:00:00
SAINT Corporation
download.saintcorporation.com
17

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.835 High

EPSS

Percentile

98.5%

Added: 03/23/2009
CVE: CVE-2008-0067
BID: 33147

Background

HP OpenView Network Node Manager is network availability and performance management software.

Problem

A buffer overflow vulnerability in the **OpenView5.exe** CGI program allows remote attackers to execute arbitrary commands.

Resolution

Apply one of the patches referenced in HPSBMA02400 SSRT080144.

References

<http://secunia.com/secunia_research/2008-13/&gt;

Limitations

Exploit works on HP OpenView Network Node Manager 7.53 on Windows 2000.

Platforms

Windows

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.835 High

EPSS

Percentile

98.5%