CVE-2008-1842 : Detail

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Exploit information

Exploit Database EDB-ID : 31629

Publication date : 2008-04-07 22h00 +00:00
Author : Luigi Auriemma
EDB Verified : Yes

Products Mentioned

Configuraton 0

Hp>>Openview_network_node_manager >> Version To (including) 7.53

Hp>>Openview_network_node_manager >> Version 4.11

Hp>>Openview_network_node_manager >> Version 5.0.1

Hp>>Openview_network_node_manager >> Version 5.01

Hp>>Openview_network_node_manager >> Version 6.0.1

Hp>>Openview_network_node_manager >> Version 6.1

Hp>>Openview_network_node_manager >> Version 6.2

Hp>>Openview_network_node_manager >> Version 6.4

Hp>>Openview_network_node_manager >> Version 6.10

Hp>>Openview_network_node_manager >> Version 6.20

Hp>>Openview_network_node_manager >> Version 6.31

Hp>>Openview_network_node_manager >> Version 6.41

Hp>>Openview_network_node_manager >> Version 7.0.1

Hp>>Openview_network_node_manager >> Version 7.01

Hp>>Openview_network_node_manager >> Version 7.50

Hp>>Openview_network_node_manager >> Version 7.51

Hp>>Openview_network_node_manager >> Version 8.01

References