HP OpenView Network Node Manager Multiple Services Remote Overflow
Critical Nessus Plugin ID 19707
SynopsisArbitrary code can be executed on the remote host due to a flaw in the HP OpenView Topology Manager Daemon.
DescriptionThe remote host is running HP OpenView Topology Manager Daemon for IP discovery and layout.
The remote version of this software has a heap overflow vulnerability.
An unauthenticated attacker can exploit this flaw by sending a specialy crafted packet to the remote host. Successful exploitation of this vulnerability would result in remote code execution with the privileges of the daemon itself.
Note that other OV NNM services are affected by this flaw as well.
SolutionInstall one of the patches listed in the advisory referenced above.