HP OpenView Network Node Manager 'ovalarmsrv.exe'远程代码执行漏洞

BUGTRAQ ID: 34738 HP OpenView Network Node Manager是一款惠普公司开发的网络节点管理器。 HP OpenView Network Node Manager ovalarmsrv.exe存在整数溢出，远程攻击者可以利用漏洞触发基于堆的缓冲区溢出，可能导致任意代码执行。 发送特殊构建的命令发送给2954/TCP端口可触发这个漏洞，目前没有详细漏洞细节提供。 HP OpenView Network Node Manager 7.53 HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.01 可参考如下补丁： HP OpenView Network Node Manager 7.53 HP LXOV_00093 Linux RedHatAS2.1 <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP LXOV_00094 Linux RedHat4AS-x86_64 <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP NNM_01197 Windows <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP PHSS_39245 HP-UX (PA) <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP PHSS_39246 HP-UX (IA) <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP PSOV_03519 Solaris <a href=http://support.openview.hp.com/selfsolve/patches target=_blank rel=external nofollow>http://support.openview.hp.com/selfsolve/patches</a> HP OpenView Network Node Manager 7.01 HP SSRT080125.701_IP12.hotfix.tar.gz Windows <a href=ftp://ss080125:ss080125@hprc.external.hp.com target=_blank rel=external nofollow>ftp://ss080125:ss080125@hprc.external.hp.com</a>