CVE-2009-2298 — Improper Restriction of Operations within the Bounds of a Memory Buffer in HP Openview Network Node Manager

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

7.5HIGHNVD

CNA10.0

EPSS

2.5%

top 14.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

HP Openview Network Node Manager

Timeline

PublishedJul 2

Latest updateMay 2

Description

Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.53 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, possibly involving a CGI request to webappmon.exe. NOTE: this may overlap CVE-2009-1420.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDhp/openview_network_node_manager7.53

🔴Vulnerability Details

GHSA

GHSA-gjgf-fgq7-f6p3: Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7↗2022-05-02

▶

CVEList

CVE-2009-2298: Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7↗2009-07-02

▶