CVE-2009-3840

HP Openview Network Node Manager - Denial of Service

Title source: rule

Description

The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Core Security · textdoswindows

https://www.exploit-db.com/exploits/10377

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Core Security · textdoswindows

https://www.exploit-db.com/exploits/10176

View Code ZIP pw:eip

References (5)

Core 5

Core References

Exploit, Patch vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/37046

Patch, Vendor Advisory vendor-advisory x_refsource_hp

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01926980

Various Sources x_refsource_misc

http://www.coresecurity.com/content/openview_nnm_internaldb_dos

Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb

http://osvdb.org/60200

Mailing List mailing-list x_refsource_fulldisc

http://seclists.org/fulldisclosure/2009/Nov/199

Scores

EPSS 0.1725

EPSS Percentile 95.1%

Details

Status published

Products (2)

hp/openview_network_node_manager 7.51 (4 CPE variants)

hp/openview_network_node_manager 7.53 (4 CPE variants)

Published Nov 19, 2009

Tracked Since Feb 18, 2026