CVE-2007-6204

Name of the Vulnerable Software and Affected Versions HP OpenView Network Node Manager versions 6.41 through 7.51

Description The issue is related to multiple stack-based buffer overflows that allow remote attackers to execute arbitrary code. This can be achieved by providing long arguments to certain executables, such as ovlogin.exe, OpenView5.exe, snmpviewer.exe, and webappmon.exe. For example, a long Action parameter to OpenView5.exe can be used to demonstrate this issue.

Recommendations For HP OpenView Network Node Manager versions 6.41 through 7.51, consider disabling the executables ovlogin.exe, OpenView5.exe, snmpviewer.exe, and webappmon.exe until a patch is available to prevent remote attackers from executing arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.