OpenView has CGI-based security hole
Don't use CGI-based functions for now, Secunia advises
- By Joab Jackson
- Jan 08, 2009
Secunia Research has found a set of vulnerabilities in a version of Hewlett-Packard's OpenView network management software that would allow malicious users to execute a stack-based buffer overflow attack. Version 7.51 of HP OpenView Network Node Manager with update NNM_01168 is known to be vulnerable, though other versions may be as well, according to the research firm.
The vulnerabilities are based around the application's use of the Common Gateway Interface.
Overly long strings, which can harbor malicious data, can be passed via HTTP requests to the ov.dll, getcvdata.exe, ovlaunch.exe, Toolbar.exe and OpenView5.exe components.
Secunia rates this vulnerability as moderately critical. HP is working on a fix. In the meantime, Secunia advises users not to use the affected capabilities.
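For sites that cannot take the affected functions offline right away, web server logs can be checked for oversized requests to the named components. The sketch below is an added example, not code from Secunia or HP; the Common Log Format input, the `/cgi-bin/` path, the parameter name `p` and the 256-character threshold are all assumptions to adjust for the actual deployment.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Component names exactly as listed in the article (compared case-insensitively).
COMPONENTS = {"ov.dll", "getcvdata.exe", "ovlaunch.exe",
              "toolbar.exe", "openview5.exe"}
MAX_VALUE_LEN = 256  # assumed threshold; tune against normal traffic

# Request line inside a Common Log Format entry: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def flag_oversized(lines, max_len=MAX_VALUE_LEN):
    """Return (line_no, component, longest_value_len) for suspect requests."""
    hits = []
    for no, line in enumerate(lines, 1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        segments = [s.lower() for s in parts.path.split("/") if s]
        component = next((s for s in segments if s in COMPONENTS), None)
        if component is None:
            continue
        # Candidate inputs: decoded query values and any path data
        # that follows the component name.
        values = [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
        values += segments[segments.index(component) + 1:]
        if parts.query and "=" not in parts.query:
            values.append(parts.query)  # unstructured query string
        longest = max((len(v) for v in values), default=0)
        if longest > max_len:
            hits.append((no, component, longest))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE = [
    '192.0.2.10 - - [08/Jan/2009:10:00:01 +0000] '
    '"GET /cgi-bin/ovlaunch.exe?p=nms01 HTTP/1.0" 200 512',
    '192.0.2.77 - - [08/Jan/2009:10:00:05 +0000] '
    '"GET /cgi-bin/getcvdata.exe?p=' + "A" * 600 + ' HTTP/1.0" 500 0',
    '192.0.2.10 - - [08/Jan/2009:10:00:09 +0000] '
    '"GET /index.html?q=' + "B" * 600 + ' HTTP/1.0" 200 100',
    '192.0.2.77 - - [08/Jan/2009:10:00:12 +0000] '
    '"GET /cgi-bin/Toolbar.exe/' + "C" * 300 + ' HTTP/1.0" 500 0',
]

if __name__ == "__main__":
    for hit in flag_oversized(SAMPLE):
        print("line %d: %s received a %d-character value" % hit)
```

Lengths are measured after URL decoding, so a heavily percent-encoded value is judged by its decoded size.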
OpenView's Network Node Manager collects status reports from network devices such as routers and aggregates the results in a summary form.
This set of vulnerabilities has been assigned the designation CVE-2008-0067 in the Common Vulnerabilities and Exposures project.
Joab Jackson is the senior technology editor for Government Computer News.