Description
Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Luigi Auriemma · textdoswindows
https://www.exploit-db.com/exploits/5396
References (7)
Core 7
Core References
Exploit x_refsource_misc
http://aluigi.altervista.org/adv/closedview_old-adv.txt
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/4397
Third Party Advisory, VDB Entry x_refsource_misc
http://downloads.securityfocus.com/vulnerabilities/exploits/28668.c
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/31688
Vendor Advisory vendor-advisory
x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01537275
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28668
Exploit mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/490541
Scores
EPSS
0.3669
EPSS Percentile
97.2%
Details
CWE
CWE-119
Status
published
Products (4)
hp/openview_network_node_manager
7.01
hp/openview_network_node_manager
7.50
hp/openview_network_node_manager
7.51
hp/openview_network_node_manager
7.53
Published
Oct 13, 2008
Tracked Since
Feb 18, 2026