Immunity, Inc.
Name wp_openviewnnm_ovcgi
CVE CVE-2009-4178
Exploit Pack White_Phosphorus
DescriptionHP OpenView Network Node Manager OvWebHelp CGI Remote Overflow
NotesCVE Name: CVE-2009-4178
Notes:
OvWebHelp is spawned by IIS & runs under the IUSR_ Internet Guest account.
As such, Execute Command shellcode will only work with applications that IUSER_
has been granted permission to execute.
Repeatability: Unlimited
References: http://dvlabs.tippingpoint.com/advisory/TPTI-09-11
CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4178
Date public: 2009-12-09
CVSS: 10.0

Learn more about the CANVAS Exploit Pack here: White_Phosphorus