Vigil@nce: HP OpenView, denial of service of Internet Services
July 2008 by Vigil@nce
SYNTHESIS
An attacker can kill a process knowing its identifier via HPOVIS.
Gravity: 2/4
Consequences: denial of service of computer, denial of service of
service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 29/07/2008
Identifier: VIGILANCE-VUL-7975
IMPACTED PRODUCTS
– Hewlett-Packard OpenView
DESCRIPTION
HP OV Internet Services can be remotely administered.
"Probe Builder" service uses "PBOVISServer.exe" executable
listening on 32968/TCP port. This last gives, for instance, the
functionality to kill process with its ID.
No authentication is needed.
An attacker can therefore kill a process knowing its identifier
via HPOVIS.
CHARACTERISTICS
Identifiers: c01511225, CVE-2008-1667, HPSBMA02353, SSRT080066, VIGILANCE-VUL-7975