HP OpenView Network Node Manager Remote Code Execution Vulnerability
Last Update Date:
28 Jan 2011
Release Date:
6 May 2009
5361
Views
RISK: Medium Risk
A vulnerability has been identified in HP OpenView Network Node Manager (NNM), which could be exploited by attackers to cause a denial of service or compromise a vulnerable system. This issue is caused by an unspecified error when processing specially crafted data, which could allow remote attackers to crash an affected process or execute arbitrary code via a malicious request.
Impact
- Remote Code Execution
System / Technologies affected
- HP OpenView Network Node Manager (OV NNM) version 7.01 (on HP-UX, Linux, Solaris, and Windows)
- HP OpenView Network Node Manager (OV NNM) version 7.51 (on HP-UX, Linux, Solaris, and Windows)
- HP OpenView Network Node Manager (OV NNM) version 7.53 (on HP-UX, Linux, Solaris, and Windows)
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- HP OV NNM v7.53 for HP-UX (IA) - Install PHSS_39246 or subsequent
- HP OV NNM v7.53 for HP-UX (PA) - Install PHSS_39245 or subsequent
- HP OV NNM v7.53 for Linux RedHatAS2.1 - Install LXOV_00093 or subsequent
- HP OV NNM v7.53 for Linux RedHat4AS-x86_64 - Install LXOV_00094 or subsequent
- HP OV NNM v7.53 for Solaris - Install PSOV_03519 or subsequent
- HP OV NNM v7.53 for Windows - Install NNM_01197 or subsequent
- HP OV NNM v7.51 - Upgrade to NNM v7.53 and apply the NNM v7.53 resolution listed above :
ftp://nnm_753:[email protected]/ - HP OV NNM v7.01 with Intermediate Patch 12 for HP-UX (PA) - Install PHSS_38761
- HP OV NNM v7.01 with Intermediate Patch 12 for Solaris - Install PSOV_03516
- HP OV NNM v7.01 with Intermediate Patch 12 for windows - Install NNM_01194
Vulnerability Identifier
Source
Related Link
Share with