This host is running HP OpenView Network Node Manager and is prone to multiple vulnerabilities.

Successful exploitation will allow attacker to cause a buffer overflow via a specially crafted HTTP request to the 'jovgraph.exe' CGI program. Impact Level: System/Application

Apply the patch for OpenView NNM version 7.53, http://seclists.org/bugtraq/2010/Jun/152 http://support.openview.hp.com/selfsolve/patches http://marc.info/?l=bugtraq&m=128525454219838&w=2 ***** NOTE : No Patch/Solution available for OpenView NNM version 7.51, upgrade to OpenView NNM version 7.53 and apply the patch. ***** ***** NOTE : Ignore this warning, if above mentioned patch is already applied. *****

The flaws are due to boundary errors, - when creating an error message within 'ovwebsnmpsrv.exe' - within 'getProxiedStorageAddress()' in 'ovutil.dll' - when parsing command line argument variables within 'ovwebsnmpsrv.ex' And an unspecified vulnerability allows remote attackers to cause a denial of service via unknown vectors.

HP OpenView Network Node Manager version 7.51 and 7.53

• http://marc.info/?l=bugtraq&m=128525454219838&w=2
• http://seclists.org/bugtraq/2010/Jun/152
• http://secunia.com/advisories/40101
• http://securitytracker.com/alerts/2010/Jun/1024071.html
• http://xforce.iss.net/xforce/xfdb/59249
• http://xforce.iss.net/xforce/xfdb/59250

---

Updated on 2015-03-25