This application requires Javascript for optimal performance.

HP.OpenView.NNM.Snmp.EXE.Oid.Variable.Buffer.Overflow

Release Date

Jan 07, 2010

Severity

critical

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Description

This indicates an attack attempt against a buffer overflow vulnerability in Hewlett-Packard OpenView Network Node Manager.

The vulnerability is caused by an error when the vulnerable software handles a overlong "Oid" variable that is passed to "snmp.exe". It allows a remote attacker to execute arbitrary code via sending a crafted HTTP request.

Affected Products

HP OpenView Network Node Manager 7.50 Windows 2000/XP
HP OpenView Network Node Manager 7.50 Solaris
HP OpenView Network Node Manager 7.50 Linux
HP OpenView Network Node Manager 7.50 HP-UX 11.X
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.53
HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.01

Recommended Actions

Refer to the vendor's web site for suggested workaround.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c
01950877

Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-3849

Reference/s

http://www.zerodayinitiative.com/advisories/ZDI-09-095/
http://www.securityfocus.com/bid/32761 (BugTraq)

Reference: VID-18040