Vulnerabilities > CVE-2007-3872 - Remote Buffer Overflow vulnerability in HP Openview Operations and Shared Trace Service
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple stack-based buffer overflows in the Shared Trace Service (OVTrace) service for HP OpenView Operations A.07.50 for Windows, and possibly earlier versions, allow remote attackers to execute arbitrary code via certain crafted requests.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | HP OpenView Operations OVTrace Buffer Overflow. CVE-2007-3872. Remote exploit for windows platform |
| id | EDB-ID:16429 |
| last seen | 2016-02-01 |
| modified | 2010-06-22 |
| published | 2010-06-22 |
| reporter | metasploit |
| source | https://www.exploit-db.com/download/16429/ |
| title | HP OpenView Operations OVTrace Buffer Overflow |
Metasploit
| description | This module exploits a stack buffer overflow in HP OpenView Operations version A.07.50. By sending a specially crafted packet, a remote attacker may be able to execute arbitrary code. |
| id | MSF:EXPLOIT/WINDOWS/MISC/HP_OVTRACE |
| last seen | 2020-04-11 |
| modified | 2017-07-24 |
| published | 2007-08-19 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3872 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/misc/hp_ovtrace.rb |
| title | HP OpenView Operations OVTrace Buffer Overflow |
Nessus
NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_36278.NASL description s700_800 11.X OV OVO8.X EventAction Linux A.08.17 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 26151 published 2007-09-25 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/26151 title HP-UX PHSS_36278 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_36773.NASL description s700_800 11.X OV NNM7.01 Intermediate Patch 11 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). The vulnerabilities could be exploited remotely to create a Denial of Service (DoS) or to execute arbitrary code. References: CVE-2008-3536, CVE-2008-3537, CVE-2008-3544 (Bugtraq ID 28668). (HPSBMA02362 SSRT080044, SSRT080045, SSRT080042) - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code. (HPSBMA02328 SSRT071293) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code or to create a Denial of Service (DoS). (HPSBMA02348 SSRT080033) last seen 2020-06-01 modified 2020-06-02 plugin id 26896 published 2007-10-03 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/26896 title HP-UX PHSS_36773 : s700_800 11.X OV NNM7.01 Intermediate Patch 11 NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37397.NASL description s700_800 11.X OV OVO8.X Core Agt HPUX 11 PA A.08.17.3 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 29971 published 2008-01-15 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29971 title HP-UX PHSS_37397 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37336.NASL description s700_800 11.X OV OVO8.X Core Agt AIX A.08.17.3 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 29970 published 2008-01-15 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29970 title HP-UX PHSS_37336 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_36901.NASL description s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319) last seen 2020-06-01 modified 2020-06-02 plugin id 26897 published 2007-10-03 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/26897 title HP-UX PHSS_36901 : s700_800 11.X OV NNM7.51 PA-RISC Intermediate Patch 17 NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_35457.NASL description s700_800 11.X OV OVO8.X Core Agt Tru64 A.08.17 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 28269 published 2007-11-20 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/28269 title HP-UX PHSS_35457 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37398.NASL description s700_800 11.X OV OVO8.X Core Agt Solaris A.08.17.3 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 29972 published 2008-01-15 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29972 title HP-UX PHSS_37398 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37335.NASL description s700_800 11.X OV OVO8.X Core Agt Windows A.08.17.3 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 29969 published 2008-01-15 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29969 title HP-UX PHSS_37335 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3) NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_36902.NASL description s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17 : The remote HP-UX host is affected by multiple vulnerabilities : - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) last seen 2020-06-01 modified 2020-06-02 plugin id 26898 published 2007-10-03 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/26898 title HP-UX PHSS_36902 : s700_800 11.X OV NNM7.51 IA-64 Intermediate Patch 17 NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37141.NASL description s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17 : The remote HP-UX host is affected by multiple vulnerabilities : - Potential vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM) running Apache. These vulnerabilities could be exploited remotely resulting in cross site scripting (XSS), Denial of Service (DoS), or execution of arbitrary code. (HPSBMA02328 SSRT071293) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could be exploited remotely by an unauthorized user to execute arbitrary code with the permissions of the NNM server. (HPSBMA02281 SSRT061261) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. (HPSBMA02242 SSRT061260) - A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS). (HPSBMA02307 SSRT071420) - A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). This vulnerability could by exploited remotely to allow cross site scripting (XSS). (HPSBMA02283 SSRT071319) last seen 2020-06-01 modified 2020-06-02 plugin id 29200 published 2007-12-04 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29200 title HP-UX PHSS_37141 : s700_800 11.X OV NNM6.4x/ET2.0x Intermediate Patch 17 NASL family HP-UX Local Security Checks NASL id HPUX_PHSS_37399.NASL description s700_800 11.X OV OVO8.X Core Agt HPUX 11 IA A.08.17.3 : A potential security vulnerability has been identified in HP OpenView Operations (OVO) Agents running Shared Trace Service. The vulnerability could be remotely exploited to execute arbitrary code. last seen 2020-06-01 modified 2020-06-02 plugin id 29973 published 2008-01-15 reporter This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/29973 title HP-UX PHSS_37399 : HP OpenView Operations (OVO) Agents Running Shared Trace Service, Remote Arbitrary Code Execution (HPSBMA02239 SSRT061260 rev.3)
Packetstorm
| data source | https://packetstormsecurity.com/files/download/82951/hp_ovtrace.rb.txt |
| id | PACKETSTORM:82951 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | MC |
| source | https://packetstormsecurity.com/files/82951/HP-OpenView-Operations-OVTrace-Buffer-Overflow.html |
| title | HP OpenView Operations OVTrace Buffer Overflow |
Saint
| bid | 25255 |
| description | HP OpenView Operations OVTrace buffer overflow |
| id | net_openview_ovtracesbo |
| osvdb | 39527 |
| title | openview_ovtrace |
| type | remote |
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574
- http://secunia.com/advisories/26394
- http://www.securityfocus.com/bid/25255
- http://www.securitytracker.com/id?1018548
- http://www.vupen.com/english/advisories/2007/2841
- https://exchange.xforce.ibmcloud.com/vulnerabilities/35928