Release Date | Jan 13, 2012 |
Severity | critical |
Impact | A remote user can send specially crafted data to cause a buffer overflow or memory corruption error and execute arbitrary code on the target system. |
Description | HP OpenView Network Node Manager (OV NNM) is a commercial system management software package distributed by Hewlett Packard. In January 2011, HP published security bulletin HP_ID_c02670501 regarding multiple stack-based buffer overflows in ovas.exe in the OVAS service, part of the HP OpenView Network Node Manager application. The service does not properly handle the Source Node or Destination Node name POST variables before copying the user-supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code in the context of the OVAS service by sending a specially crafted POST request with a malformed Source Node or Destination Node variable. |
Affected Products | HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows |
Recommended Actions | HP has released patches that resolve the vulnerabilities for NNM v7.53. The patches can be downloaded from: http://support.openview.hp.com/selfsolve/patches. OV NNM v7.51 users should upgrade to NNM v7.53 and apply the NNM v7.53 resolution listed above. Patch bundles for upgrading from NNM v7.51 to NNM v7.53 are available via FTP. More information about the FTP download can be found on the vendor's website: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02670501. For FortiGate users, turning on the following IPS signature can prevent exploitation of these vulnerabilities: HP.OpenView.NNM.Ovas.Remote.Overflow |
Coverage | IPS, VCM |
Common Vulnerabilities and Exposures (CVE) | CVE-2011-0263 |
Reference/s | http://www.securityfocus.com/bid/45762 (BugTraq) |