HP OpenView Network Node Manager Java JDK / JRE Multiple Vulnerabilities
Last Update Date:
28 Jan 2011
Release Date:
11 Feb 2010
5394
Views
RISK: Medium Risk
Multiple vulnerabilities have been identified in in HP OpenView Network Node Manager, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system.
The vulnerabilities are caused due to the usage of a vulnerable version of Java JDK/JRE.
Impact
- Denial of Service
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
System / Technologies affected
- HP OpenView Network Node Manager (NNM) 7.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Apply patches.
http://support.openview.hp.com/selfsolve/patches - HP-UX (IA):
- Apply patch PHSS_40374 or subsequent - HP-UX (PA):
- Apply patch PHSS_40375 or subsequent - Linux RedHatAS2.1:
- Apply patch LXOV_00101 or subsequent - Linux RedHat4AS-x86_64:
- Apply patch LXOV_00102 or subsequent - Solaris:
- Apply patch PSOV_03525 or subsequent - Windows:
- Apply patch NNM_01201 or subsequent
Vulnerability Identifier
- CVE-2008-2086
- CVE-2008-5339
- CVE-2008-5340
- CVE-2008-5341
- CVE-2008-5342
- CVE-2008-5343
- CVE-2008-5344
- CVE-2008-5345
- CVE-2008-5347
- CVE-2008-5348
- CVE-2008-5350
- CVE-2008-5351
- CVE-2008-5353
- CVE-2008-5354
- CVE-2008-5356
- CVE-2008-5357
- CVE-2008-5358
- CVE-2008-5359
- CVE-2008-5360
Source
Related Link
Share with