The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of OpenView NNM

computer vulnerability announce CVE-2009-1420 CVE-2009-2298

OpenView NNM: vulnerability of SNMP and MIB

Synthesis of the vulnerability

An attacker can use a vulnerability of SNMP and MIB in order to execute code or to generate a denial of service on HP OpenView Network Node Manager.
Impacted products: OpenView, OpenView NNM.
Severity: 2/4.
Consequences: user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 10/06/2009.
Identifiers: BID-35267, c01754877, CERTA-2009-AVI-228, CVE-2009-1420, CVE-2009-2298, HPSBMA02430, SSRT080094, VIGILANCE-VUL-8787.

Description of the vulnerability

The SNMP protocol is used for the remote administration of a computer. The MIB stores information and state of the computer.

An attacker can use a vulnerability of SNMP and MIB in order to execute code or to generate a denial of service on HP OpenView Network Node Manager.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2009-0720

OpenView NNM: code execution

Synthesis of the vulnerability

A remote attacker can execute code on the server using a vulnerability of HP OpenView Network Node Manager.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, user access/rights.
Provenance: intranet client.
Creation date: 04/05/2009.
Identifiers: BID-34812, c01728300, CERTA-2009-AVI-173, CVE-2009-0720, HPSBMA02425, SSRT080091, VIGILANCE-VUL-8690.

Description of the vulnerability

A remote attacker can execute code on the server using a vulnerability of HP OpenView Network Node Manager.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2008-2438

OpenView NNM: code execution

Synthesis of the vulnerability

A remote attacker can execute code on the server using a vulnerability of HP OpenView Network Node Manager.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, user access/rights.
Provenance: intranet client.
Creation date: 28/04/2009.
Revision date: 28/04/2009.
Identifiers: BID-34738, c01723303, CVE-2008-2438, HPSBMA02424, SSRT080125, VIGILANCE-VUL-8675.

Description of the vulnerability

The OpenView NNM (Network Node Manager) product manages a network of computers.

The OVALARMSRV service, which listens on ports 2953/tcp and 2954/tcp, handles alarms.

An attacker can connect to the port 2954/tcp and generate a buffer overflow in the OVALARMSRV service.

A remote attacker can then execute code on the server.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2009-0920 CVE-2009-0921

OpenView NNM: code execution

Synthesis of the vulnerability

A remote attacker can execute code on the server using several vulnerabilities of HP OpenView Network Node Manager.
Impacted products: HPE NMC, OpenView, OpenView NNM.
Severity: 3/4.
Consequences: privileged access/rights, user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 23/03/2009.
Identifiers: BID-34134, BID-34135, BID-34294, c01696729, CERTA-2009-AVI-116, CORE-2009-0122, CVE-2009-0920, CVE-2009-0921, HPSBMA02416, SSRT090008, VIGILANCE-VUL-8555.

Description of the vulnerability

The Openview NNM (Network Node Manager) product manages a network of computers. It is impacted by several vulnerabilities.

An attacker can use the OvOSLocale parameter of the /OvCgi/Toolbar.exe script in order to generate a buffer overflow. [severity:3/4; BID-34294, CERTA-2009-AVI-116, CVE-2009-0920]

An attacker can use the OvAcceptLang cookies of the /OvCgi/Toolbar.exe script in order to generate a buffer overflow. [severity:3/4; BID-34134, CVE-2009-0921]

An attacker can use a long Accept-Language header for the /OvCgi/Toolbar.exe script in order to generate a buffer overflow. [severity:3/4; BID-34135, CVE-2009-0921]

A remote attacker can therefore execute code on the server.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2008-0067

OpenView NNM: several overflows

Synthesis of the vulnerability

Several vulnerabilities of OpenView NNM can be used by an attacker to create a denial of service or to execute code.
Impacted products: HPE NMC, OpenView, OpenView NNM.
Severity: 3/4.
Consequences: privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 07/01/2009.
Revision date: 12/02/2009.
Identifiers: 2008-13, BA324, BID-33147, c01646081, CERTA-2009-AVI-027, CVE-2008-0067, HPSBMA02400, SSRT080144, VIGILANCE-VUL-8370.

Description of the vulnerability

Several vulnerabilities impact OpenView NNM.

An attacker can use a long parameter in the OpenView5.exe CGI script in order to generate a buffer overflow. [severity:3/4]

An attacker can use a long Context parameter in the OpenView5.exe CGI script in order to generate a buffer overflow. [severity:3/4; BA324]

An attacker can use a long parameter in the getcvdata.exe CGI script in order to generate a buffer overflow. [severity:3/4]

An attacker can use a long parameter in the ovlaunch.exe CGI script in order to generate a buffer overflow. [severity:3/4]

An attacker can use a long parameter in the Toolbar.exe CGI script in order to generate a buffer overflow. [severity:3/4]

An attacker can use a long parameter in the Toolbar.exe CGI script in order to generate a buffer overflow. [severity:3/4]

These vulnerabilities lead to a denial of service or to code execution.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability note CVE-2008-4559 CVE-2008-4560 CVE-2008-4561

OpenView NNM: code execution

Synthesis of the vulnerability

A remote attacker can execute code on the server using several vulnerabilities of HP OpenView Network Node Manager.
Impacted products: HPE NMC, OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 4.
Creation date: 06/02/2009.
Revision date: 09/02/2009.
Identifiers: BID-33651, BID-33666, BID-33667, BID-33668, c01661610, CERTA-2009-AVI-053, CVE-2008-4559, CVE-2008-4560, CVE-2008-4561, CVE-2008-4562, CVE-2009-0205, HPSBMA02406, SSRT080092, SSRT080095, SSRT080100, VIGILANCE-VUL-8449.

Description of the vulnerability

The Openview NNM (Network Node Manager) product manages a network of computers. It is impacted by several vulnerabilities.

An attacker can inject commands in webappmon.exe and OpenView5.exe CGI applications. [severity:3/4; BID-33666, CVE-2008-4559]

An attacker can send a malicious query to the nnmRptConfig.exe CGI application in order to obtain the name of the log directory. [severity:1/4; BID-33667, CVE-2008-4560, CVE-2008-4561, SSRT080095]

An attacker can send a malicious query to the ovlaunch.exe CGI application in order to obtain information about the configuration. [severity:2/4; BID-33667, CVE-2008-4560, CVE-2008-4561, SSRT080095]

An attacker can generate a buffer overflow in the ovlaunch CGI application. [severity:3/4; BID-33668, CVE-2008-4562, SSRT080092]

A remote attacker can therefore execute code on the server or obtain information.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2008-2086 CVE-2008-5339 CVE-2008-5340

Java JDK/JRE/SDK: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities were announced in Java JDK/JRE/SDK.
Impacted products: Fedora, OpenView, OpenView NNM, HP-UX, NLD, OES, Java OpenJDK, openSUSE, Java Oracle, RHEL, SLES, ESX, ESXi, VMware Server, vCenter Server, VirtualCenter.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on server.
Provenance: document.
Number of vulnerabilities in this bulletin: 23.
Creation date: 02/12/2008.
Revision date: 04/12/2008.
Identifiers: 244986, 244987, 244988, 244989, 244990, 244991, 244992, 245246, 246266, 246286, 246346, 246366, 246386, 246387, 4486841, 6484091, 6497740, 6588160, 6592792, 6674093, 6694892, 6704154, 6707535, 6716217, 6721753, 6726779, 6727071, 6727079, 6727081, 6728071, 6733336, 6733959, 6734167, 6751322, 6755943, 6766136, 6767668, BID-32608, BID-32620, c01683026, c01745133, c02000725, CERTA-2008-AVI-578, CERTA-2009-AVI-069, CERTA-2009-AVI-239, CVE-2008-2086, CVE-2008-5339, CVE-2008-5340, CVE-2008-5341, CVE-2008-5342, CVE-2008-5343, CVE-2008-5344, CVE-2008-5345, CVE-2008-5346, CVE-2008-5347, CVE-2008-5348, CVE-2008-5349, CVE-2008-5350, CVE-2008-5351, CVE-2008-5352, CVE-2008-5353, CVE-2008-5354, CVE-2008-5355, CVE-2008-5356, CVE-2008-5357, CVE-2008-5358, CVE-2008-5359, CVE-2008-5360, FEDORA-2008-10860, FEDORA-2008-10913, HPSBMA02486, HPSBUX02411, HPSBUX02429, RHSA-2008:1018-01, RHSA-2008:1025-01, RHSA-2009:0015-01, RHSA-2009:0016-01, RHSA-2009:0369-01, RHSA-2009:0445-01, RHSA-2009:1505-01, SSRT080111, SSRT090049, SSRT090058, SUSE-SA:2009:001, SUSE-SA:2009:007, SUSE-SA:2009:018, SUSE-SR:2009:006, SUSE-SR:2009:010, SUSE-SR:2009:016, SUSE-SR:2009:017, VIGILANCE-VUL-8280, VMSA-2009-0014, VMSA-2009-0014.1, VMSA-2009-0014.2, ZDI-08-080, ZDI-08-081.

Description of the vulnerability

Several vulnerabilities were announced in Java JDK/JRE/SDK.

The JRE creates temporary files with predictable names. [severity:1/4; 244986, 6721753, CVE-2008-5360]

A buffer overflow in the Raster image handling leads to code execution. [severity:4/4; 244987, 6726779, CVE-2008-5359, ZDI-08-080]

An integer overflow in the True Font handling leads to code execution. [severity:4/4; 244987, 6733336, CVE-2008-5356]

A buffer overflow in the True Font handling leads to code execution. [severity:4/4; 244987, 6751322, CVE-2008-5357]

A buffer overflow in the GIF image handling leads to code execution. [severity:4/4; 244987, 6766136, CVE-2008-5358]

A Java code can modify the java.home, java.ext.dirs and user.home properties with a JNLP file, which can be used to load malicious extensions, and to execute code. [severity:3/4; 244988, 6694892, CERTA-2009-AVI-069, CVE-2008-2086]

A vulnerability of Java Web Start and Java Plug-in can be used to hijack HTTP sessions. [severity:2/4; 244988, 6707535, CVE-2008-5343]

A vulnerability of Java Web Start and Java Plug-in can be used to read files or to establish network connections. [severity:2/4; 244988, 6716217, CVE-2008-5344, ZDI-08-081]

A vulnerability of Java Web Start and Java Plug-in can be used to obtain information on the cache and the username. [severity:2/4; 244988, 6727071, CVE-2008-5341, ZDI-08-081]

A vulnerability of Java Web Start and Java Plug-in can be used to establish network connections to hosts other than the host were the application is downloaded. [severity:2/4; 244988, 6727079, CVE-2008-5339, ZDI-08-081]

A vulnerability of Java Web Start and Java Plug-in leads to code execution. [severity:4/4; 244988, 6727081, CVE-2008-5340]

A vulnerability of Java Web Start and Java Plug-in can be used to access to local files. [severity:2/4; 244988, 6767668, CVE-2008-5342]

The "Java Update" mechanism does not check the signature of the JRE which is downloaded. [severity:3/4; 244989, 6728071, CVE-2008-5355]

A Java application launched from the command line can elevate his privileges. [severity:2/4; 244990, 6733959, CVE-2008-5354]

The deserialization of a Calendar Object leads to code execution. [severity:4/4; 244991, 6734167, CERTA-2009-AVI-239, CVE-2008-5353]

A buffer overflow of the JAR "Unpack200" decoding procedure leads to code execution on victim's computer. [severity:4/4; 244992, 6755943, CVE-2008-5352]

The UTF-8 decoder accepts long formats, which can be used to bypass security restrictions (VIGILANCE-VUL-8406). [severity:1/4; 245246, 4486841, CVE-2008-5351]

A Java code can list the content of victim's home directory. [severity:2/4; 246266, 6484091, CERTA-2008-AVI-578, CVE-2008-5350]

The usage of some RSA keys creates a denial of service. [severity:1/4; 246286, 6497740, CVE-2008-5349]

A Java code can use the Kerberos authentication in order to create a denial of service on the computer. [severity:1/4; 246346, 6588160, CVE-2008-5348]

A Java code can use vulnerabilities of JAX-WS and JAXB to read/write files or to execute a command. [severity:4/4; 246366, 6592792, CVE-2008-5347]

A Java code can unzip a malicious ZIP file, in order to read memory fragments. [severity:2/4; 246386, 6674093, CVE-2008-5346]

A Java code loaded locally can connect to network ports of the local computer ("localhost"). [severity:1/4; 246387, 6704154, CVE-2008-5345]
Full Vigil@nce bulletin... (Free trial)

vulnerability bulletin CVE-2007-4349

HP OpenView: denial of service of Trace Service

Synthesis of the vulnerability

An attacker can connect to the RPC service of HP OpenView Trace Service in order to stop it.
Impacted products: HPE NMC, OpenView, OpenView NNM.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 22/10/2008.
Identifiers: BID-31860, c01607558, c01612418, c01621724, CERTA-2008-AVI-595, CVE-2007-4349, HPSBMA02390, HPSBMA02391, HPSBMA02392, SSRT071481, VIGILANCE-VUL-8193.

Description of the vulnerability

The HP OpenView Trace Service listens as RPC on ports 5051/tcp or 5053/tcp.

A non authenticated attacker can connect to these ports and send a special sequence of RPC queries, which forces a read at an invalid memory address, and stops the service.

An attacker can therefore connect to the RPC service of HP OpenView Trace Service in order to stop it.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2008-3545

OpenView NNM: denial of service of ovtopmd

Synthesis of the vulnerability

A remote attacker can use a vulnerability of OpenView NNM in order to create a denial of service.
Impacted products: HPE NMC, OpenView, OpenView NNM.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 09/10/2008.
Identifiers: BID-31669, c01567813, CVE-2008-3545, HPSBMA02374, SSRT080046, VIGILANCE-VUL-8156.

Description of the vulnerability

The Openview NNM (Network Node Manager) product manages a network of computers.

The ovtopmd service (OpenView Topology Manager Daemon) handles the database containing network topology.

A network attacker can create a denial of service in ovtopmd.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2008-3536 CVE-2008-3537

OpenView NNM: denial of service

Synthesis of the vulnerability

A remote attacker can use two vulnerabilities of OpenView NNM in order to create a denial of service.
Impacted products: HPE NMC, OpenView, OpenView NNM, HP-UX.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 02/09/2008.
Identifiers: BID-30984, c01537275, CVE-2008-3536, CVE-2008-3537, HPSBMA02362, SSRT080044, SSRT080045, VIGILANCE-VUL-8081.

Description of the vulnerability

The Openview NNM (Network Node Manager) product manages a network of computers.

The OVALARMSRV service, which listens on ports 2953/tcp and 2954/tcp, handles alarms. It has two vulnerabilities.

They can be used by a remote attacker to create a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.