‘HP Network Node Manager i for HP-UX, Linux, Solaris, and Windows Information Disclosure Vulnerability’

Summary

An Information Disclosure vulnerability was identified in HP Network Node Manager i.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02776387


Details

Vulnerable Systems:
 * HP Network Node Manager i (NNMi) v8.1x for HP-UX
 * HP Network Node Manager i (NNMi) v9.0x for HP-UX
 * HP Network Node Manager i (NNMi) v8.1x for Linux
 * HP Network Node Manager i (NNMi) v9.0x for Linux
 * HP Network Node Manager i (NNMi) v8.1x for Solaris
 * HP Network Node Manager i (NNMi) v9.0x for Solaris
 * HP Network Node Manager i (NNMi) v8.1x for Windows
 * HP Network Node Manager i (NNMi) v9.0x for Windows

A potential vulnerability has been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows. The vulnerability could be remotely exploited resulting in information disclosure.

Patch Availability:
HP has made patches available to resolve the vulnerability for NNMi 9.0x. HP has made a hotfixes available to resolve this vulnerability for NNMi v8.1x. The hotfixes can be obtained by contacting the normal HP Services support channel.

For downloading patches and creating a depot automatically see:
https://www.hp.com/go/swa

CVE Information:
CVE-2011-0895

Disclosure Timeline:
Version:1 (rev.1) – 30 March 2011 Initial release
Version:2 (rev.2) – 1 April 2011 Republish
Version:3 (rev.3) – 13 April 2011 Added NNMi v8.1x
Version:4 (rev.4) – 17 May 2011 Patches are available for NNMi v9.0x’

Categories: News