CVE-2008-2438

Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.

🔗 References (12)

• PSIRT-CNA@flexerasoftwarehttp://osvdb.org/54107
• PSIRT-CNA@flexerasoftwarehttp://secunia.com/secunia_research/2008-38/
• PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/archive/1/503024
• PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/archive/1/503039/100/0/threaded
• PSIRT-CNA@flexerasoftwarehttp://www.securityfocus.com/bid/34738
• PSIRT-CNA@flexerasoftwarehttp://www.vupen.com/english/advisories/2009/1187
• af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/54107
• af854a3a-2127-422b-91ae-364da2661108http://secunia.com/secunia_research/2008-38/
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/503024
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/503039/100/0/threaded
• af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/34738
• af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1187