SAINT CorporationSAINT:FC26AE2095ED6CB1993964363779B1DBHP OpenView Network Node Manager ovwebsnmpsrv.exe ovutil.dll stringToSeconds Buffer Overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.943 High
EPSS
Percentile
99.1%
Added: 05/23/2011
CVE: CVE-2011-0262
BID: 45762
OSVDB: 70470
Background
HP OpenView Network Node Manager is network availability and performance management software.
Problem
A buffer overflow vulnerability affecting **ovwebsnmpsrv.exe**, in the **stringToSeconds** function in **ovutil.dll**, allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP request.
Resolution
Apply the appropriate patch.
References
<http://www.zerodayinitiative.com/advisories/ZDI-11-004/>
Limitations
Exploit works on HP OpenView Network Node Manager 7.53 on Windows Server 2003 with DEP AlwaysOff.
On Windows Server 2003, read and execute privileges on the file **_%windir%_\system32\cmd.exe** must be granted to the Internet Guest Account **IUSR__<computername>_** for the exploit to work properly. Note that users in the **Users** and **Power Users** groups do not have such privileges, but users in the **Administrators** and **TelnetClients** groups do.
Platforms
Windows Server 2003
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.943 High
EPSS
Percentile
99.1%