Intrusion Prevention

HP.OpenView.NNM.OVAS.Pre.Authentication.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in HP OpenView Network Node Manager.
The vulnerability is in OVAS.EXE, and is caused by a faulty user input check of the HTTP URL length. It can be triggered by an overly long HTTP GET request sent to port 7510/TCP. As a result, a remote attacker may be able to execute arbitrary code.

Affected Products

Openview 7.5.1 and prior.

Impact

System compromise: remote code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2008-1697