Running under Windows NT Server 4.0 (SP6), HP Openview Node Manager 6.1 is vulnerable to a buffer overrun that causes the system to stop responding. DEMONSTRATION An attacker has to simply connect to port 80 and send a large GET string that including the EIP is 136 bytes in length. For example (will be wrapped); http://127.0.0.1/OvCgi/OpenView5.exe?Context=SNMP&Action=SNMP&Host=&Oid=AA(x 132 bytes) VENDOR RESPONSE HP had been made aware of the vulnerability and has released a patch available at http://ovweb.external.hp.com/cpe/patches/ CREDIT |
0 comments
Hide comments