‘HP OpenView Network Node Manager Execution of Arbitrary Code Vulnerabilities’

Summary

Vulnerabilities related to the execution of Arbitrary code were identified on HP OpenView Network Node Manager.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877


Details

Vulnerable Systems:
 * HP OpenView Network Node Manager v7.01 running on HP-UX
 * HP OpenView Network Node Manager v7.01 running on Linux
 * HP OpenView Network Node Manager v7.01 running on Solaris
 * HP OpenView Network Node Manager v7.01 running on Windows
 * HP OpenView Network Node Manager v7.51 running on HP-UX
 * HP OpenView Network Node Manager v7.51 running on Linux
 * HP OpenView Network Node Manager v7.51 running on Solaris
 * HP OpenView Network Node Manager v7.51 running on Windows
 * HP OpenView Network Node Manager v7.53 running on HP-UX
 * HP OpenView Network Node Manager v7.53 running on Linux
 * HP OpenView Network Node Manager v7.53 running on Solaris
 * HP OpenView Network Node Manager v7.53 running on Windows

Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.

Patch Availability:
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches are available from: http://support.openview.hp.com/selfsolve/patches

CVE Information:
CVE-2009-0898
CVE-2009-3845
CVE-2009-3846
CVE-2009-3847
CVE-2009-3848
CVE-2009-3849
CVE-2009-4176
CVE-2009-4177
CVE-2009-4178
CVE-2009-4179
CVE-2009-4180
CVE-2009-4181

Disclosure Timeline:
2009-12-09: Release Date
2010-05-04: Last Updated’

Categories: News