Fortinet Discovers HP OpenView Network Node Manager ovspmd.exe Buffer Overflow Vulnerability
Fortinet's FortiGuard Labs has discovered buffer overflow vulnerability in OpenView Network Node Manager ovspmd.exe .
SolutionsFortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:
Released May 21, 2008
Users should apply the solution provided by HP.
The HP OpenView Process Manager service is available through the "ovspmd" process, which by default listens on TCP port 8886 or 8887. By sending a specially crafted request to this process, an attacker can cause the service to crash. This can then be used to cause denial of service, or may allow the attacker to gain control of the vulnerable system.
Liu Zhen Hua of Fortinet's FortiGuard Global Security Research Team