HP OpenView Network Node Manager Multiple Services Remote Overflow

Critical Nessus Plugin ID 19707


Arbitrary code can be executed on the remote host due to a flaw in the HP OpenView Topology Manager Daemon.


The remote host is running HP OpenView Topology Manager Daemon for IP discovery and layout.

The remote version of this software has a heap overflow vulnerability.

An unauthenticated attacker can exploit this flaw by sending a specialy crafted packet to the remote host. Successful exploitation of this vulnerability would result in remote code execution with the privileges of the daemon itself.

Note that other OV NNM services are affected by this flaw as well.


Install one of the patches listed in the advisory referenced above.

See Also


Plugin Details

Severity: Critical

ID: 19707

File Name: hp_openview_nnm_overflow.nasl

Version: $Revision: 1.16 $

Type: remote

Published: 2005/09/15

Modified: 2013/06/21

Dependencies: 19607

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:hp:openview_network_node_manager

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2005/04/05

Vulnerability Publication Date: 2005/04/05

Reference Information

CVE: CVE-2005-1056

BID: 13029

OSVDB: 15321