Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and previous versions, allows remote malicious users to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hp openview network node manager 7.50 |
||
hp openview network node manager 7.51 |
||
hp openview network node manager 6.2 |
||
hp openview network node manager 6.20 |
||
hp openview network node manager 5.01 |
||
hp openview network node manager 6.0.1 |
||
hp openview network node manager 7.0.1 |
||
hp openview network node manager 7.01 |
||
hp openview network node manager |
||
hp openview network node manager 8.01 |
||
hp openview network node manager 6.1 |
||
hp openview network node manager 6.10 |
||
hp openview network node manager 4.11 |
||
hp openview network node manager 5.0.1 |
||
hp openview network node manager 6.31 |
||
hp openview network node manager 6.4 |
||
hp openview network node manager 6.41 |