Added: 05/23/2011
CVE: CVE-2011-0262
BID: 45762
OSVDB: 70470
HP OpenView Network Node Manager is network availability and performance management software.
A buffer overflow vulnerability affecting **ovwebsnmpsrv.exe**
, in the **stringToSeconds**
function in **ovutil.dll**
, allows remote attackers to execute arbitrary commands by sending a specially crafted HTTP request.
Apply the appropriate patch.
<http://www.zerodayinitiative.com/advisories/ZDI-11-004/>
Exploit works on HP OpenView Network Node Manager 7.53 on Windows Server 2003 with DEP AlwaysOff.
On Windows Server 2003, read and execute privileges on the file **_%windir%_\system32\cmd.exe**
must be granted to the Internet Guest Account **IUSR__<computername>_**
for the exploit to work properly. Note that users in the **Users**
and **Power Users**
groups do not have such privileges, but users in the **Administrators**
and **TelnetClients**
groups do.
Windows Server 2003