Lucene search

MitreCVE-2008-1842

HistoryApr 16, 2008 - 5:05 p.m.

CVE-2008-1842

2008-04-1617:05:00

CWE-189

mitre

web.nvd.nist.gov

cve

2008

1842

openview

network node manager

nnm

security

vulnerability

attack

denial of service

remote code execution

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.206

Percentile

96.4%

JSON

Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.

Affected configurations

Nvd

Node

hpopenview_network_node_managerRange≤7.53

hpopenview_network_node_managerMatch4.11

hpopenview_network_node_managerMatch5.0.1

hpopenview_network_node_managerMatch5.01

hpopenview_network_node_managerMatch6.0.1

hpopenview_network_node_managerMatch6.1

hpopenview_network_node_managerMatch6.2

hpopenview_network_node_managerMatch6.4

hpopenview_network_node_managerMatch6.10

hpopenview_network_node_managerMatch6.20

hpopenview_network_node_managerMatch6.31

hpopenview_network_node_managerMatch6.41

hpopenview_network_node_managerMatch7.0.1

hpopenview_network_node_managerMatch7.01

hpopenview_network_node_managerMatch7.50

hpopenview_network_node_managerMatch7.51

hpopenview_network_node_managerMatch8.01

VendorProductVersionCPE
hpopenview_network_node_manager*cpe:2.3:a:hp:openview_network_node_manager:*:*:*:*:*:*:*:*
hpopenview_network_node_manager4.11cpe:2.3:a:hp:openview_network_node_manager:4.11:*:*:*:*:*:*:*
hpopenview_network_node_manager5.0.1cpe:2.3:a:hp:openview_network_node_manager:5.0.1:*:*:*:*:*:*:*
hpopenview_network_node_manager5.01cpe:2.3:a:hp:openview_network_node_manager:5.01:*:*:*:*:*:*:*
hpopenview_network_node_manager6.0.1cpe:2.3:a:hp:openview_network_node_manager:6.0.1:*:*:*:*:*:*:*
hpopenview_network_node_manager6.1cpe:2.3:a:hp:openview_network_node_manager:6.1:*:*:*:*:*:*:*
hpopenview_network_node_manager6.2cpe:2.3:a:hp:openview_network_node_manager:6.2:*:*:*:*:*:*:*
hpopenview_network_node_manager6.4cpe:2.3:a:hp:openview_network_node_manager:6.4:*:*:*:*:*:*:*
hpopenview_network_node_manager6.10cpe:2.3:a:hp:openview_network_node_manager:6.10:*:*:*:*:*:*:*
hpopenview_network_node_manager6.20cpe:2.3:a:hp:openview_network_node_manager:6.20:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hp	openview_network_node_manager	*	cpe:2.3:a:hp:openview_network_node_manager::::::::
hp	openview_network_node_manager	4.11	cpe:2.3:a:hp:openview_network_node_manager:4.11:::::::*
hp	openview_network_node_manager	5.0.1	cpe:2.3:a:hp:openview_network_node_manager:5.0.1:::::::*
hp	openview_network_node_manager	5.01	cpe:2.3:a:hp:openview_network_node_manager:5.01:::::::*
hp	openview_network_node_manager	6.0.1	cpe:2.3:a:hp:openview_network_node_manager:6.0.1:::::::*
hp	openview_network_node_manager	6.1	cpe:2.3:a:hp:openview_network_node_manager:6.1:::::::*
hp	openview_network_node_manager	6.2	cpe:2.3:a:hp:openview_network_node_manager:6.2:::::::*
hp	openview_network_node_manager	6.4	cpe:2.3:a:hp:openview_network_node_manager:6.4:::::::*
hp	openview_network_node_manager	6.10	cpe:2.3:a:hp:openview_network_node_manager:6.10:::::::*
hp	openview_network_node_manager	6.20	cpe:2.3:a:hp:openview_network_node_manager:6.20:::::::*