CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
97.6%
Added: 12/24/2007
CVE: CVE-2007-6204
BID: 26741
OSVDB: 39529
HP OpenView Network Node Manager is network availability and performance management software.
A buffer overflow in the Network Node Manager web interface allows remote attackers to execute arbitrary commands by sending a long, specially crafted argument to the **ovlogin.exe**
CGI program.
Apply one of the patches referenced in HPSBMA02281 SSRT061261.
<http://www.zerodayinitiative.com/advisories/ZDI-07-071.html>
Exploit works on HP OpenView Network Node Manager 6.41 on Windows 2000.
Windows