SAINT CorporationSAINT:EB734DA0E8A05C87A78834642EFE707DHP OpenView Network Node Manager ovalarm.exe Accept-Language buffer overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.952 High
EPSS
Percentile
99.3%
Added: 12/22/2009
CVE: CVE-2009-4179
BID: 37261
OSVDB: 60930
Background
HP OpenView Network Node Manager is network availability and performance management software.
Problem
A buffer overflow in the **ovalarm.exe** CGI program allows command execution when an attacker sends an HTTP request to this program with a specially crafted Accept-Language header.
Resolution
See HPSBMA02483 SSRT090257 rev.2 for patch information.
References
<http://archives.neohapsis.com/archives/bugtraq/2009-12/0164.html>
Limitations
Exploit works on HP OpenView Network Node Manager 7.53 with the patch NNM_01200 on Windows Server 2003 SP2 with the patch KB933729.
Read and Execute privileges on the file %windir%\system32\cmd.exe must be granted to the Internet Guest Account “IUSR_<computername>” for the exploit to work properly.
Platforms
Windows
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.952 High
EPSS
Percentile
99.3%