Intrusion Prevention

HP.OpenView.Network.Node.Manager.Ovalarmsrv.Integer.Overflow

Description

This indicates an attack attempt against an integer-overflow vulnerability in HP OpenView Network Node Manager software.
The vulnerability is caused by an error when the ovalarmsrv.exe server handles a specially crafted request. It allows a remote attacker to execute arbitrary code.

Affected Products

HP OpenView Network Node Manager (OV NNM) version 7.01
HP OpenView Network Node Manager (OV NNM) version 7.51
HP OpenView Network Node Manager (OV NNM) version 7.53

Impact

System compromise

Recommended Actions

Apply the patch supplied by the vendor:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01723303

CVE References

CVE-2008-2438