1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: HP OpenView NNM BO

Web Attack: HP OpenView NNM BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This Signature detect attempts to exploit a buffer overflow vulnerability in HP OpenView Network Node Manager.

Additional Information

HP OpenView Network Node Manager (NNM) is a fault-management application for IP networks.

NNM is prone to a remote stack-based buffer-overflow vulnerability affecting the 'snmpviewer.exe' CGI application. Specifically, the 'doLoad()' function passes data from the 'act' and 'app' POST parameters to the 'snprintf()' function in an unsafe manner. Attackers can exploit this issue by supplying excessive data to the affected parameters.

An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.


  • Various.


Updates are available. Please see the references for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube