A code execution vulnerability exists in HP OpenView Network Node Manager (NNM). The vulnerability is due to a boundary error in getnnmdata.exe when processing the Hostname variable sent in a crafted HTTP request. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP request to a target server, potentially causing arbitrary code to be injected and executed in the security context of the getnnmdata.exe process.

In an attack scenario, where arbitrary code is injected and executed on the target machine, the behavior of the target is dependent on the intention of the malicious code.

HP provides a patch to address this vulnerability. Mitigation and patch details are available at:

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02153379

• HP OpenView Network Node Manager (OV NNM) 7.01
• HP OpenView Network Node Manager (OV NNM) 7.51
• HP OpenView Network Node Manager (OV NNM) 7.53

• Access vector is NETWORK
• Access complexity is LOW
• Level of authentication required is NONE
• Impact of this vulnerability on data confidentiality is PARTIAL
• Impact of this vulnerability on data integrity is PARTIAL
• Impact of this vulnerability on data availability is PARTIAL

• The exploitability level of this vulnerability is FUNCTIONAL
• The remediation level of this vulnerability is OFFICIAL FIX
• The report confidence level of this vulnerability is CONFIRMED