CVE-2009-3840

HP OpenView Network Node Manager 7.51 and 7.53 - Denial of Service via Invalid Error Code Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2009-3840. PoCs published by Core Security.

AI-analyzed exploit summary The exploit demonstrates a denial-of-service vulnerability in IBM SolidDB by sending a crafted packet with an invalid error code to trigger an exception and crash the service. The PoC code constructs a malformed packet and sends it to the target on port 2315/tcp.

Description

The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Core Security · textdoswindows
https://www.exploit-db.com/exploits/10377

The exploit demonstrates a denial-of-service vulnerability in IBM SolidDB by sending a crafted packet with an invalid error code to trigger an exception and crash the service. The PoC code constructs a malformed packet and sends it to the target on port 2315/tcp.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: IBM SolidDB Server 6.30.0.29, 6.30.0.33
No auth needed
Prerequisites: Network access to the target on port 2315/tcp
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Core Security · textdoswindows
https://www.exploit-db.com/exploits/10176

The exploit demonstrates a denial-of-service vulnerability in HP Openview NNM 7.53 by sending a crafted packet with an invalid error code to the embedded database service on port 2690/tcp, causing the service to terminate abnormally.

Classification
Working Poc 100%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: HP Openview NNM 7.53
No auth needed
Prerequisites: Network access to the target system on port 2690/tcp
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37046
Patch, Vendor Advisory vendor-advisory x_refsource_hp
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01926980
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/60200
Mailing List mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2009/Nov/199

Scores

EPSS 0.0934
EPSS Percentile 94.7%

Details

Status published
Products (2)
hp/openview_network_node_manager 7.51 (4 CPE variants)
hp/openview_network_node_manager 7.53 (4 CPE variants)
Published Nov 19, 2009
Tracked Since Feb 18, 2026