Intrusion Prevention

HP.OpenView.NNM.Ovalarmsrv.Service.Buffer.Overflow

Description

This indicates an attack attempt to exploit a buffer-overflow vulnerability in the HP OpenView Network Node Manager "Ovalarmsrv" Service.
The vulnerability is caused by a boundary check error when processing malformed user requests. A remote attacker may exploit this to execute arbitrary code or cause a denial-of-service condition.

Affected Products

HP OpenView Network Node Manager 7.53
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.01

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.
Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the patch, available from the following web site:
ftp://ss080043:ss080043@hprc.external.hp.com/

CVE References

CVE-2008-1851