CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS
Percentile
98.0%
Added: 03/26/2009
CVE: CVE-2009-0920
HP OpenView Network Node Manager is network availability and performance management software.
A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted OvOSLocale cookie in an HTTP request for Toolbar.exe.
Apply one of the patches referenced in HPSBMA02416 SSRT090008.
<http://www.securityfocus.com/archive/1/502054>
Exploit works on HP OpenView Network Node Manager 7.53.
On Windows Server 2003, Read and Execute privileges on the file ‘%windir%\system32\cmd.exe’ must be granted to the Internet Guest Account (IUSR_<computername>) in order for the exploit to succeed. The ‘Users’ and ‘Power Users’ groups don’t have such privileges, but the ‘Administrators’ and ‘TelnetClients’ groups can execute ‘cmd.exe’.
The patch KB933729 must be applied on Windows Server 2003 in order to bypass DEP protection.
Windows 2000
Windows Server 2003