CVE-2008-1842
HP OpenView Network Node Manager 7.x - 'ovspmd' Buffer Overflow
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
2Exploited in Wild
-Decision
Descriptions
Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.
Error en la propiedad signedness de enteros en el archivo ovspmd.exe en HP OpenView Network Node Manager (OV NNM) versiones 8.01 y 7.53 y anteriores, permite a los atacantes remotos causar una denegación de servicio (bloqueo del demonio) o ejecutar código arbitrario por medio de una petición larga al puerto TCP 8886 que comienza con un determinado entero negativo, que pasa una comparación firmada y desencadena un desbordamiento de búfer en la región heap de la memoria.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2008-04-08 First Exploit
- 2008-04-16 CVE Reserved
- 2008-04-16 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-189: Numeric Errors
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
http://aluigi.altervista.org/adv/closedview-adv.txt | X_refsource_misc | |
http://securitytracker.com/id?1019821 | Vdb Entry | |
http://www.securityfocus.com/bid/28689 | Vdb Entry | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/41737 | Vdb Entry |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/31629 | 2008-04-08 | |
http://aluigi.org/poc/closedview.zip | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://marc.info/?l=bugtraq&m=121321155405849&w=2 | 2018-10-11 | |
http://secunia.com/advisories/29713 | 2018-10-11 | |
http://www.securityfocus.com/archive/1/493781/100/0/threaded | 2018-10-11 | |
http://www.vupen.com/english/advisories/2008/1159 | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | <= 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version " <= 7.53" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 4.11 Search vendor "Hp" for product "Openview Network Node Manager" and version "4.11" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 5.0.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "5.0.1" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 5.01 Search vendor "Hp" for product "Openview Network Node Manager" and version "5.01" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.0.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.0.1" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.1" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.2 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.2" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.4 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.4" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.10 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.10" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.20 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.20" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.31 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.31" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 6.41 Search vendor "Hp" for product "Openview Network Node Manager" and version "6.41" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.0.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.0.1" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.01 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.01" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.50 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.50" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 8.01 Search vendor "Hp" for product "Openview Network Node Manager" and version "8.01" | - |
Affected
|