Intrusion PreventionHP.OpenView.NNM.ovlogin.exe.Buffer.Overflow
Description
This indicates an attack attempt against a buffer overflow vulnerability in Hewlett-Packard OpenView Network Node Manager.
The vulnerability is caused by an error when the vulnerable software handles an overly long "passwd" variable that is passed to "ovlogin.exe". It allows a remote attacker to execute arbitrary code via sending a crafted HTTP POST request to the vulnerable application.
Affected Products
HP OpenView Network Node Manager 7.50 Windows 2000/XP
HP OpenView Network Node Manager 7.50 Solaris
HP OpenView Network Node Manager 7.50 Linux
HP OpenView Network Node Manager 7.50 HP-UX 11.X
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.53
HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.01
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's web site for suggested workaround.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-02-01 | 14.540 | Name:HP. Openview. NNM. ovlogin. exe. Buffer. Overflow:HP. OpenView. NNM. ovlogin. exe. Buffer. Overflow |
| ID | 33232 |
| Created | Sep 28, 2012 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2009-3846 |
| Exploit Prediction Score | 78.94% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | HP |