Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Integer signedness error in ovspmd.exe in HP OpenView Network Node Manager (OV NNM) 8.01, and 7.53 and earlier, allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code via a long request to TCP port 8886 that begins with a certain negative integer, which passes a signed comparison and triggers a heap-based buffer overflow.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
HP OpenView网络节点管理器ovspmd远程堆溢出漏洞
Vulnerability Description
HP OpenView网络节点管理器(OV NNM)是HP公司开发和维护的网络管理系统软件,具有强大的网络节点管理功能。 OV NNM的ovspmd服务实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 OV NNM的ovspmd服务运行在TCP 8886端口上,该服务检查长度值是否低于9216字节(目标缓冲区的大小)以防范缓冲区溢出,但这是一个有符比较,因此使用0x80000000和0x80000003之间的负数值就可以触发堆溢出,导致执行任意指令。
CVSS Information
N/A
Vulnerability Type
N/A