ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt

SID: 2010704Rev: 100 viewsHistory

Sourceet/open

CreatedJuly 30, 2010

UpdatedNovember 7, 2020

Classificationweb-application-attack

alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER Possible HP OpenView Network Node Manager ovalarm.exe CGI Buffer Overflow Attempt"; flow:established,to_server; http.method; content:"GET"; nocase; http.uri; content:"/OvCgi/ovalarm.exe"; nocase; fast_pattern; content:"OVABverbose="; nocase; distance:0; pcre:"/^(1|on|true)/Ri"; http.accept_lang; isdataat:100,relative; reference:cve,2009-4179; classtype:web-application-attack; sid:2010704; rev:10; metadata:created_at 2010_07_30, cve CVE_2009_4179, confidence Low, signature_severity Major, updated_at 2020_11_07;)

References

cve

2009-4179

Metadata

created at2010_07_30

cveCVE-2009-4179

confidenceLow

signature severityMajor

updated at2020_11_07

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!