1. CVE-Search
  2. CVE-2008-2438
ID CVE-2008-2438
Summary Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:hp:openview_network_node_manager:7.01:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_network_node_manager:7.01:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*
  • cpe:2.3:a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*
    cpe:2.3:a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*
CVSS
Base: 10.0 (as of 11-10-2018 - 20:41)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 34738
bugtraq 20090428 Secunia Research: HP OpenView Network Node Manager "ovalarmsrv" Integer Overflow
hp
  • HPSBMA02424
  • SSRT080125
misc http://secunia.com/secunia_research/2008-38/
osvdb 54107
vupen ADV-2009-1187
Last major update 11-10-2018 - 20:41
Published 28-04-2009 - 16:30
Last modified 11-10-2018 - 20:41
Back to Top