Skip to main content

HP OpenView Network Node Manager Java JDK / JRE Multiple Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2010 5394 Views

RISK: Medium Risk

Multiple vulnerabilities have been identified in in HP OpenView Network Node Manager, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, cause a DoS (Denial of service), or compromise a vulnerable system.

The vulnerabilities are caused due to the usage of a vulnerable version of Java JDK/JRE.


Impact

  • Denial of Service
  • Remote Code Execution
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • HP OpenView Network Node Manager (NNM) 7.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply patches.
    http://support.openview.hp.com/selfsolve/patches
  • HP-UX (IA):
    - Apply patch PHSS_40374 or subsequent
  • HP-UX (PA):
    - Apply patch PHSS_40375 or subsequent
  • Linux RedHatAS2.1:
    - Apply patch LXOV_00101 or subsequent
  • Linux RedHat4AS-x86_64:
    - Apply patch LXOV_00102 or subsequent
  • Solaris:
    - Apply patch PSOV_03525 or subsequent
  • Windows:
    - Apply patch NNM_01201 or subsequent


Vulnerability Identifier


Source


Related Link