CVE-2008-0067

HP OpenView Network Node Manager 7.01, 7.51, 7.53 - Remote Code Execution via Long String Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2008-0067. PoCs published by Metasploit, MC, including Metasploit module exploits/windows/http/hp_nnm_toolbar_01.

AI-analyzed exploit summary This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50 via a crafted CGI request to Toolbar.exe. It sends a long string to overflow the buffer and execute arbitrary code via a return address overwrite.

Description

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allow remote attackers to execute arbitrary code via (1) long string parameters to the OpenView5.exe CGI program; (2) a long string parameter to the OpenView5.exe CGI program, related to ov.dll; or a long string parameter to the (3) getcvdata.exe, (4) ovlaunch.exe, or (5) Toolbar.exe CGI program.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotecgi
https://www.exploit-db.com/exploits/16795

This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50 via a crafted CGI request to Toolbar.exe. It sends a long string to overflow the buffer and execute arbitrary code via a return address overwrite.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50
No auth needed
Prerequisites: Network access to the target · Toolbar.exe CGI interface exposed
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GREAT
by MC · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/hp_nnm_toolbar_01.rb

This Metasploit module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.50 via a crafted CGI request to Toolbar.exe, allowing arbitrary code execution. It uses a known return address (0x5a01d78d) and avoids bad characters to deliver a payload.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: HP OpenView Network Node Manager 7.50
No auth needed
Prerequisites: Network access to the target · Toolbar.exe CGI endpoint accessible
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (8)

Core 8
Core References
Vendor Advisory x_refsource_misc
http://secunia.com/secunia_research/2008-13/
Mailing List vendor-advisory x_refsource_hp
http://marc.info/?l=bugtraq&m=123247393715913&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1021521
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/33147
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/4885
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/499826/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/8307
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28074

Scores

EPSS 0.6342
EPSS Percentile 99.1%

Details

CWE
CWE-119
Status published
Products (1)
hp/openview_network_node_manager 7.51
Published Jan 08, 2009
Tracked Since Feb 18, 2026