CyberSec.Space Logo
Back to CVE Browser

CVE-2008-2438

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile43.31th
PublishedApr 28, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.

Affected Platforms (CPE)

πŸ“¦
Hp

Openview Network Node Manager

= 7.01
πŸ“¦
Hp

Openview Network Node Manager

= 7.51
πŸ“¦
Hp

Openview Network Node Manager

= 7.53

References & Advisories

πŸ”— http://osvdb.org/54107
πŸ”— http://secunia.com/secunia_research/2008-38/
πŸ”— http://www.securityfocus.com/archive/1/503024
πŸ”— http://www.securityfocus.com/archive/1/503039/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/34738
πŸ”— http://www.vupen.com/english/advisories/2009/1187
πŸ”— http://osvdb.org/54107
πŸ”— http://secunia.com/secunia_research/2008-38/

Related Vulnerabilities

CVE-2001-055210.0

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrar...

CVE-2001-062910.0

HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition ...

CVE-2000-055810.0

Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm servic...

CVE-2007-620410.0

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to ...