HP.OpenView.NNM.OvWebHelp.Buffer

Name	HP.OpenView.NNM.OvWebHelp.Buffer.Overflow
Release Date	Mar 09, 2010
Severity	Critical
Impact	System Compromise
Description	This indicates an attack attempt against a buffer overflow vulnerability in HP OpenView Network Node Manager (NNM). The vulnerability is caused by an error when the vulnerable software handles a specially crafted HTTP POST request. It allows a remote attacker to execute arbitrary code.
Affected Products	HP OpenView Network Node Manager 7.50 Windows 2000/XP HP OpenView Network Node Manager 7.50 Solaris HP OpenView Network Node Manager 7.50 Linux HP OpenView Network Node Manager 7.50 HP-UX 11.X HP OpenView Network Node Manager 7.50 HP OpenView Network Node Manager 7.53 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.50 HP OpenView Network Node Manager 7.01
Recommended Actions	Apply patch: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877
Common Vulnerabilities and Exposures (CVE)	http://cve.mitre.org/cgi-bin/cvename.cgi?name=2009-4178
Reference/s	http://www.securityfocus.com/bid/37340 (BugTraq)

Reference: VID-18229