CVE-2008-3544

HP OpenView Network Node Manager <7.51 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3544. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The exploit demonstrates multiple vulnerabilities in HP OpenView Network Node Manager's ovalarmsrv service, including format string, buffer overflow, and DoS flaws. It provides simple netcat commands to trigger these issues on ports 2953 and 2954.

Description

Multiple stack-based buffer overflows in ovalarmsrv in HP OpenView Network Node Manager (OV NNM) 7.51, and possibly 7.01, 7.50, and 7.53, allow remote attackers to execute arbitrary code via a long (1) REQUEST_SEV_CHANGE (aka number 47), (2) REQUEST_SAVE_STATE (aka number 61), or (3) REQUEST_RESTORE_STATE (aka number 62) request to TCP port 2954.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Luigi Auriemma · textdoswindows

https://www.exploit-db.com/exploits/5396

View Code ZIP pw:eip

The exploit demonstrates multiple vulnerabilities in HP OpenView Network Node Manager's ovalarmsrv service, including format string, buffer overflow, and DoS flaws. It provides simple netcat commands to trigger these issues on ports 2953 and 2954.

Classification

Working Poc 90%

Attack Type

Rce | Dos

Complexity

Trivial

Reliability

Reliable

Target: HP OpenView Network Node Manager <= 7.53

No auth needed

Prerequisites: network access to target ports 2953/2954

MITRE ATT&CK