CyberSec.Space Logo
CVEブラウザに戻る

CVE-2008-2438

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0480%
EPSS Percentile43.31th
Published2009年4月28日
Last Modified2026年4月23日

Vulnerability Description

Integer overflow in ovalarmsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via a crafted command to TCP port 2954, which triggers a heap-based buffer overflow.

Affected Platforms (CPE)

📦
Hp

Openview Network Node Manager

= 7.01
📦
Hp

Openview Network Node Manager

= 7.51
📦
Hp

Openview Network Node Manager

= 7.53

References & Advisories

🔗 http://osvdb.org/54107
🔗 http://secunia.com/secunia_research/2008-38/
🔗 http://www.securityfocus.com/archive/1/503024
🔗 http://www.securityfocus.com/archive/1/503039/100/0/threaded
🔗 http://www.securityfocus.com/bid/34738
🔗 http://www.vupen.com/english/advisories/2009/1187
🔗 http://osvdb.org/54107
🔗 http://secunia.com/secunia_research/2008-38/

関連する脆弱性情報

CVE-2001-055210.0

ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrar...

CVE-2001-062910.0

HP Event Correlation Service (ecsd) as included with OpenView Network Node Manager 6.1 allows a remote attacker to gain addition ...

CVE-2000-055810.0

Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm servic...

CVE-2007-620410.0

Multiple stack-based buffer overflows in HP OpenView Network Node Manager (OV NNM) 6.41, 7.01, and 7.51 allow remote attackers to ...