CVE-2008-1667 - OpenCVE

The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Eps	Probe Builder
Hp	Openview Internet Services

Configuration 1 [-]

OR	cpe:2.3:a:eps:probe_builder:2.2:::::::*
	cpe:2.3:a:hp:openview_internet_services::::::::

No data.

References

Link	Providers
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=728
http://marc.info/?l=bugtraq&m=121726629109585&w=2
http://secunia.com/advisories/31278
http://secunia.com/advisories/31282
http://securityreason.com/securityalert/4054
http://www.securityfocus.com/bid/30403
http://www.securitytracker.com/id?1020568
http://www.vupen.com/english/advisories/2008/2227/references
http://www.vupen.com/english/advisories/2008/2228/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/44041

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-07-29T18:00:00

Updated: 2024-08-07T08:32:01.217Z

Reserved: 2008-04-03T00:00:00

Link: CVE-2008-1667

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-07-29T18:41:00.000

Modified: 2017-08-08T01:30:20.777

Link: CVE-2008-1667

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-28T00:00:00", "descriptions": [{"lang": "en", "value": "The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "31282", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31282"}, {"name": "SSRT080066", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "HPSBMA02353", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "hp-ovis-pbovisserver-dos(44041)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44041"}, {"name": "ADV-2008-2227", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2227/references"}, {"name": "30403", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30403"}, {"name": "ADV-2008-2228", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2228/references"}, {"name": "20080728 Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=728"}, {"name": "4054", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/4054"}, {"name": "31278", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31278"}, {"name": "1020568", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020568"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2008-1667", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "31282", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31282"}, {"name": "SSRT080066", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "HPSBMA02353", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "hp-ovis-pbovisserver-dos(44041)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44041"}, {"name": "ADV-2008-2227", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2227/references"}, {"name": "30403", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30403"}, {"name": "ADV-2008-2228", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2228/references"}, {"name": "20080728 Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability", "refsource": "IDEFENSE", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=728"}, {"name": "4054", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/4054"}, {"name": "31278", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/31278"}, {"name": "1020568", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020568"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:32:01.217Z"}, "title": "CVE Program Container", "references": [{"name": "31282", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31282"}, {"name": "SSRT080066", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "HPSBMA02353", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"name": "hp-ovis-pbovisserver-dos(44041)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44041"}, {"name": "ADV-2008-2227", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2227/references"}, {"name": "30403", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30403"}, {"name": "ADV-2008-2228", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2228/references"}, {"name": "20080728 Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability", "tags": ["third-party-advisory", "x_refsource_IDEFENSE", "x_transferred"], "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=728"}, {"name": "4054", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/4054"}, {"name": "31278", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31278"}, {"name": "1020568", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020568"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2008-1667", "datePublished": "2008-07-29T18:00:00", "dateReserved": "2008-04-03T00:00:00", "dateUpdated": "2024-08-07T08:32:01.217Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eps:probe_builder:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "55FE03DD-7C20-4205-A336-876A5133DCD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:openview_internet_services:*:*:*:*:*:*:*:*", "matchCriteriaId": "461845C0-EF7F-441A-9B73-8C6F8E05D29D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Probe Builder Service (aka PBOVISServer.exe) in European Performance Systems (EPS) Probe Builder 2.2 before A.02.20.901, as used in HP OpenView Internet Services (OVIS) on Windows, allows remote attackers to kill arbitrary processes via a process ID number in an unspecified opcode."}, {"lang": "es", "value": "The Probe Builder Service (alias PBOVISServer.exe) en European Performance Systems (EPS) Probe Builder 2.2 con versiones anteriores a A.02.20.901l, usado en HP OpenView Internet Services (OVIS) para Windows, permite a los atacantes remotos terminar procesos arbitrariamente a trav\u00e9s del n\u00famero de proceso ID con un opcode no especificado."}], "evaluatorComment": "Vendor website was under construction during the scoring of this vulnerability. CPE information is not complete due to limited knowledge of Probe Builder version numbers.", "id": "CVE-2008-1667", "lastModified": "2017-08-08T01:30:20.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-07-29T18:41:00.000", "references": [{"source": "cve@mitre.org", "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=728"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=121726629109585&w=2"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/31278"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/31282"}, {"source": "cve@mitre.org", "url": "http://securityreason.com/securityalert/4054"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/30403"}, {"source": "cve@mitre.org", "url": "http://www.securitytracker.com/id?1020568"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2227/references"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/2228/references"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44041"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-189"}], "source": "nvd@nist.gov", "type": "Primary"}]}