Rule

--
Sid
20054

--
Summary:
This event is generated when an attempt is made to exploit a known vulnerability in openview network node manager.

--
Impact:
Denial of Service. Information disclosure. Loss of integrity. Complete admin access.

--
Detailed Information:
The embedded database engine service (aka ovdbrun.exe) in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to cause a denial of service (daemon crash) via an invalid Error Code field in a packet.

--
Affected Systems:
hp openview network node manager 7.51
hp openview network node manager 7.51
hp openview network node manager 7.51
hp openview network node manager 7.51
hp openview network node manager 7.51
hp openview network node manager 7.53
hp openview network node manager 7.53
hp openview network node manager 7.53
hp openview network node manager 7.53
hp openview network node manager 7.53

--
Attack Scenarios:
An attacker can host a web site that will return code of their choosing to the object when a victim clicks on a malicious link.

--
Ease of Attack:
Medium.

--
False Positives:
None known.

--
False Negatives:
None known.

--
Corrective Action:
Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
This document was generated from data supplied by the National Vulnerability Database. A product of the National Institute of Standards and Technology.
For more information see http://nvd.nist.gov/

--
Additional References:

NIST CVE-2009-3840:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3840
  
--
