CVE-2008-1697
HP OpenView Network Node Manager (OV NNM) 7.5.1 - 'OVAS.exe' Overflow (SEH)
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in ovwparser.dll in HP OpenView Network Node Manager (OV NNM) 7.53, 7.51, and earlier allows remote attackers to execute arbitrary code via a long URI in an HTTP request processed by ovas.exe, as demonstrated by a certain topology/homeBaseView request. NOTE: some of these details are obtained from third party information.
Un desbordamiento de búfer en la región stack de la memoria en la biblioteca ovwparser.dll en HP OpenView Network Node Manager (OV NNM) versiones 7.53, 7.51 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un URI largo en una petición HTTP procesada por el archivo ovas.exe, como es demostrado por una determinada petición de topology/homeBaseView. NOTA: algunos de estos datos fueron obtenidos de la información de terceros.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-04-08 CVE Reserved
- 2008-04-08 CVE Published
- 2010-10-12 First Exploit
- 2024-08-07 CVE Updated
- 2024-09-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://www.securitytracker.com/id?1019782 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/41600 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/5342 | 2024-08-07 | |
| https://www.exploit-db.com/exploits/16774 | 2010-10-12 | |
| http://www.offensive-security.com/0day/hp-nnm-ov.py.txt | 2024-08-07 | |
| http://www.securityfocus.com/bid/28569 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://marc.info/?l=bugtraq&m=121553626110871&w=2 | 2017-09-29 | |
| http://secunia.com/advisories/29641 | 2017-09-29 | |
| http://www.vupen.com/english/advisories/2008/1085/references | 2017-09-29 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | <= 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version " <= 7.53" | - |
Affected
| ||||||
| Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.0.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.0.1" | - |
Affected
| ||||||
| Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | - |
Affected
| ||||||