// For flags

CVE-2008-1842

HP OpenView Network Node Manager 7.x - 'ovspmd' Buffer Overflow

Severity Score

10.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

2
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.

Error en la propiedad signedness de enteros en el archivo ovspmd.exe en HP OpenView Network Node Manager (OV NNM) versiones 8.01 y 7.53 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o ejecutar código arbitrario por medio de una petición larga al puerto TCP 8886 que comienza con un determinado entero negativo, que pasa una comparación firmada y desencadena un desbordamiento de búfer en la región heap de la memoria.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2008-04-08 First Exploit
  • 2008-04-16 CVE Reserved
  • 2008-04-16 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-189: Numeric Errors
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
<= 7.53
Search vendor "Hp" for product "Openview Network Node Manager" and version " <= 7.53"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
4.11
Search vendor "Hp" for product "Openview Network Node Manager" and version "4.11"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
5.0.1
Search vendor "Hp" for product "Openview Network Node Manager" and version "5.0.1"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
5.01
Search vendor "Hp" for product "Openview Network Node Manager" and version "5.01"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.0.1
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.0.1"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.1
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.1"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.2
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.2"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.4
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.4"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.10
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.10"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.20
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.20"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.31
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.31"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
6.41
Search vendor "Hp" for product "Openview Network Node Manager" and version "6.41"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
7.0.1
Search vendor "Hp" for product "Openview Network Node Manager" and version "7.0.1"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
7.01
Search vendor "Hp" for product "Openview Network Node Manager" and version "7.01"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
7.50
Search vendor "Hp" for product "Openview Network Node Manager" and version "7.50"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
7.51
Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51"
-
Affected
Hp
Search vendor "Hp"
Openview Network Node Manager
Search vendor "Hp" for product "Openview Network Node Manager"
8.01
Search vendor "Hp" for product "Openview Network Node Manager" and version "8.01"
-
Affected