CVE-2008-3544

Name of the Vulnerable Software and Affected Versions HP OpenView Network Node Manager versions 7.01 through 7.53

Description The issue is related to multiple stack-based buffer overflows in the ovalarmsrv component. Remote attackers can execute arbitrary code by sending a long request to TCP port 2954, specifically via REQUEST SEV CHANGE (number 47), REQUEST SAVE STATE (number 61), or REQUEST RESTORE STATE (number 62) requests.

Recommendations For HP OpenView Network Node Manager versions 7.01 through 7.53, consider restricting access to TCP port 2954 to minimize the risk of exploitation. As a temporary workaround, limit the use of the ovalarmsrv component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.