The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of OpenView Network Node Manager

computer vulnerability announce CVE-2010-1960 CVE-2010-1961 CVE-2010-1964

OpenView NNM: code execution

Synthesis of the vulnerability

Three vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/06/2010.
Revisions dates: 15/06/2010, 23/03/2011.
Identifiers: BID-40637, BID-40638, BID-40873, c02217439, CVE-2010-1960, CVE-2010-1961, CVE-2010-1964, HPSBMA02537, SSRT010026, SSRT010027, SSRT010028, SSRT100026, SSRT100027, SSRT100028, VIGILANCE-VUL-9697, ZDI-10-105, ZDI-10-106, ZDI-10-108, ZDI-CAN-683, ZDI-CAN-684, ZDI-CAN-685.

Description of the vulnerability

Three vulnerabilities were announced in HP OpenView Network Node Manager.

An attacker can send a long option to the CGI jovgraph.exe, in order to generate a buffer overflow in ovwebsnmpsrv.exe. [severity:3/4; BID-40637, CVE-2010-1960, SSRT010027, SSRT100027, ZDI-10-105, ZDI-CAN-684]

An attacker can send a long variable to the CGI jovgraph.exe, in order to generate a buffer overflow in ovwebsnmpsrv.exe, when ovutil.dll is used. [severity:3/4; BID-40638, CVE-2010-1961, SSRT010028, SSRT100028, ZDI-10-106, ZDI-CAN-685]

An attacker can send long variables to the CGI jovgraph.exe, in order to generate a buffer overflow in ovwebsnmpsrv.exe, when strcpy() is used. [severity:3/4; BID-40873, CVE-2010-1964, SSRT010026, SSRT100026, ZDI-10-108, ZDI-CAN-683]

These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2011-0261 CVE-2011-0262 CVE-2011-0263

OpenView NNM: code execution

Synthesis of the vulnerability

Several vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 11.
Creation date: 12/01/2011.
Revision date: 23/03/2011.
Identifiers: BID-45762, c02286088, c02670501, CVE-2011-0261, CVE-2011-0262, CVE-2011-0263, CVE-2011-0264, CVE-2011-0265, CVE-2011-0266, CVE-2011-0267, CVE-2011-0268, CVE-2011-0269, CVE-2011-0270, CVE-2011-0271, HPSBMA02557, HPSBMA02621, SSRT100025, SSRT100352, VIGILANCE-VUL-10267, ZDI-11-003, ZDI-11-004, ZDI-11-005, ZDI-11-006, ZDI-11-007, ZDI-11-008, ZDI-11-009, ZDI-11-010, ZDI-11-011, ZDI-11-012.

Description of the vulnerability

Several vulnerabilities were announced in HP OpenView Network Node Manager.

An attacker can use a malformed displayWidth parameter, in order to execute code in jovgraph.exe. [severity:3/4; CVE-2011-0261, ZDI-11-003]

An attacker can use long parameters, in order to execute code in jovgraph.exe. [severity:3/4; CVE-2011-0262, ZDI-11-004]

An attacker can use long Source Node and Destination Node parameters, in order to execute code in ovas.exe. [severity:3/4; CVE-2011-0263, ZDI-11-005]

An attacker can use a long cookie, in order to execute code in ovutil.dll. [severity:3/4; CVE-2011-0264, ZDI-11-006]

An attacker can use a long data_select1 parameter, in order to execute code in nnmRptConfig.exe. [severity:3/4; CVE-2011-0265, ZDI-11-007]

An attacker can use a long nameParams parameter, in order to execute code in nnmRptConfig.exe. [severity:3/4; CVE-2011-0266, ZDI-11-008]

An attacker can use a long schdParams parameter, in order to execute code in nnmRptConfig.exe. [severity:3/4; CVE-2011-0267, ZDI-11-009]

An attacker can use a long text1 parameter, in order to execute code in nnmRptConfig.exe. [severity:3/4; CVE-2011-0268, ZDI-11-010]

An attacker can use a long schd_select1 parameter, in order to execute code in nnmRptConfig.exe. [severity:3/4; CVE-2011-0269, ZDI-11-011]

An attacker can generate a format string attack in nnmRptConfig.exe, in order to execute code. [severity:3/4; CVE-2011-0270, ZDI-11-012]

An attacker can inject a shell command in parameters of the web server. [severity:3/4; CVE-2011-0271]

These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2010-4476

Java JRE: denial of service via a real

Synthesis of the vulnerability

An attacker can use a special double floating point number, in order to create an infinite loop in Java programs.
Impacted products: Debian, Fedora, HPE BAC, HPE NNMi, OpenView, OpenView NNM, Tru64 UNIX, HP-UX, AIX, DB2 UDB, Tivoli Directory Server, Tivoli Storage Manager, Tivoli System Automation, Tivoli Workload Scheduler, WebSphere AS Traditional, WebSphere MQ, JBoss AS OpenSource, Mandriva Linux, NLD, OES, Java OpenJDK, openSUSE, Oracle iPlanet Web Server, Java Oracle, Oracle Web Tier, RHEL, JBoss EAP by Red Hat, SLES.
Severity: 3/4.
Consequences: denial of service on service, denial of service on client.
Provenance: document.
Creation date: 02/02/2011.
Identifiers: 1468291, BID-46091, c02729756, c02738573, c02746026, c02752210, c02775276, c02826781, c02906075, c03090723, c03316985, CERTA-2002-AVI-271, CERTA-2012-AVI-286, cpuapr2011, CVE-2010-4476, DSA-2161-1, DSA-2161-2, FEDORA-2011-1231, FEDORA-2011-1263, HPSBMU02690, HPSBTU02684, HPSBUX02633, HPSBUX02641, HPSBUX02642, HPSBUX02645, HPSBUX02685, HPSBUX02725, HPSBUX02777, IZ94331, javacpufeb2011, MDVSA-2011:054, openSUSE-SU-2011:0126-1, PM32175, PM32177, PM32184, PM32192, PM32194, RHSA-2011:0210-01, RHSA-2011:0211-01, RHSA-2011:0212-01, RHSA-2011:0213-01, RHSA-2011:0214-01, RHSA-2011:0282-01, RHSA-2011:0290-01, RHSA-2011:0291-01, RHSA-2011:0292-01, RHSA-2011:0299-01, RHSA-2011:0333-01, RHSA-2011:0334-01, RHSA-2011:0336-01, RHSA-2011:0348-01, RHSA-2011:0349-01, RHSA-2011:0880-01, SSRT100387, SSRT100390, SSRT100412, SSRT100415, SSRT100505, SSRT100569, SSRT100627, SSRT100854, SUSE-SA:2011:010, SUSE-SA:2011:014, SUSE-SR:2011:008, SUSE-SU-2011:0823-1, swg21469266, swg24030066, swg24030067, VIGILANCE-VUL-10321.

Description of the vulnerability

The number 2.2250738585072011e-308 if the "largest subnormal double number" (in base 2 : 0x0fffffffffffff x 2^-1022).

On a x86 processor, the Java JRE uses x87 FPU registers (80 bit), in order to find bit-after-bit the closest real value. This loop stops when the remainder is inferior to the precision. However, with the number 2.225..., this stop condition is never true (80 bit rounded to 64 bit), and an infinite loop occurs.

An attacker can therefore use a special double floating point number, in order to create an infinite loop in Java programs.

The origin of this vulnerability is the same as VIGILANCE-VUL-10257.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2010-3285

OpenView NNM: denial of service

Synthesis of the vulnerability

A remote attacker can create a denial of service in HP OpenView Network Node Manager.
Impacted products: OpenView, OpenView NNM.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Creation date: 23/09/2010.
Identifiers: BID-43426, c02521481, CVE-2010-3285, HPSBMA02585, SSRT100256, VIGILANCE-VUL-9968.

Description of the vulnerability

The HP OpenView Network Node Manager product listens on TCP ports.

A remote attacker can create a denial of service in HP OpenView Network Node Manager.
Full Vigil@nce bulletin... (Free trial)

vulnerability CVE-2010-2703

OpenView NNM: code execution on Windows

Synthesis of the vulnerability

A remote attacker can use a vulnerability of HP OpenView Network Node Manager installed on Windows, in order to execute code.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/07/2010.
Revisions dates: 22/07/2010, 06/09/2010.
Identifiers: BID-41829, c02286088, c02670501, CERTA-2010-AVI-328, CERTA-2011-AVI-015, CVE-2010-2703, CVE-2010-2704-ERROR, HPSBMA02557, HPSBMA02621, SSRT100025, SSRT100352, VIGILANCE-VUL-9780, ZDI-10-137, ZDI-CAN-682.

Description of the vulnerability

The HP OpenView Network Node Manager product is used to manage a computer network.

The execvp_nc() function of the ov.dll library is called to concatenate parameters of a command. It is called from the webappmon.exe CGI script. However, if a script parameter is too long, a buffer overflow occurs.

A remote attacker can therefore use a vulnerability of HP OpenView Network Node Manager installed on Windows, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2010-2709

OpenView NNM: code execution via OvJavaLocale

Synthesis of the vulnerability

A remote attacker can use a long OvJavaLocale cookie, in order to execute code in HP OpenView Network Node Manager.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, privileged access/rights.
Provenance: intranet client.
Creation date: 03/08/2010.
Revision date: 04/08/2010.
Identifiers: BID-42154, c02446520, CORE-2010-0608, CVE-2010-2709, HPSBMA02563, SSRT100165, VIGILANCE-VUL-9804.

Description of the vulnerability

The HP OpenView Network Node Manager product is used to manage a computer network.

The webappmon.exe CGI script reads the OvJavaLocale cookie to obtain the character encoding to use. For example:
  Cookie: OvJavaLocale=ISO-8859-1;

However, if this cookie is too long, a buffer overflow occurs in the sprintf_new() function of ov.dll, called by the OvWwwDebug() function of ovwww.dll.

A remote attacker can therefore use a long OvJavaLocale cookie, in order to execute code in HP OpenView Network Node Manager.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2010-2704

OpenView NNM: code execution

Synthesis of the vulnerability

A remote attacker can use a vulnerability of HP OpenView Network Node Manager, in order to execute code.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 21/07/2010.
Identifiers: BID-41839, c02290344, CERTA-2010-AVI-330, CVE-2010-2703-ERROR, CVE-2010-2704, HPSBMA02558, SSRT010158, SSRT100158, VIGILANCE-VUL-9781.

Description of the vulnerability

The HP OpenView Network Node Manager product is used to manage a computer network.

Some CGI scripts do not correctly check the size of their parameters, which generates a buffer overflow.

A remote attacker can therefore use a vulnerability of HP OpenView Network Node Manager, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2010-1550 CVE-2010-1551 CVE-2010-1552

OpenView NNM: code execution

Synthesis of the vulnerability

Six vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, user access/rights.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 6.
Creation date: 11/05/2010.
Revisions dates: 12/05/2010, 05/07/2010.
Identifiers: BID-40065, BID-40067, BID-40068, BID-40070, BID-40071, BID-40072, c02153379, CERTA-2010-AVI-213, CVE-2010-1550, CVE-2010-1551, CVE-2010-1552, CVE-2010-1553, CVE-2010-1554, CVE-2010-1555, HPSBMA02527, SSRT010098, SSRT090225, SSRT090226, SSRT090227, SSRT090228, SSRT090229, SSRT090230, VIGILANCE-VUL-9637, ZDI-10-081, ZDI-10-082, ZDI-10-083, ZDI-10-084, ZDI-10-085, ZDI-10-086, ZDI-CAN-563, ZDI-CAN-564, ZDI-CAN-566, ZDI-CAN-573, ZDI-CAN-574, ZDI-CAN-575.

Description of the vulnerability

Six vulnerabilities were announced in HP OpenView Network Node Manager.

An attacker can use the "sel" variable, in order to generate a format string attack in ovet_demandpoll.exe. [severity:3/4; BID-40065, CERTA-2010-AVI-213, CVE-2010-1550, SSRT090225, ZDI-10-081, ZDI-CAN-563]

An attacker can use a long "sel" variable, in order to generate a buffer overflow in netmon.exe. [severity:3/4; BID-40067, CVE-2010-1551, SSRT090226, ZDI-10-082, ZDI-CAN-564]

An attacker can use a long "act" or "app" variable, in order to generate a buffer overflow in snmpviewer.exe. [severity:3/4; BID-40068, CVE-2010-1552, SSRT090227, ZDI-10-083, ZDI-CAN-566]

An attacker can use a long "MaxAge" variable, in order to generate a buffer overflow in getnnmdata.exe. [severity:3/4; BID-40070, CVE-2010-1553, SSRT090228, ZDI-10-084, ZDI-CAN-573]

An attacker can use a long "ICount" variable, in order to generate a buffer overflow in getnnmdata.exe. [severity:3/4; BID-40071, CVE-2010-1554, SSRT090229, ZDI-10-085, ZDI-CAN-574]

An attacker can use a long "Hostname" variable, in order to generate a buffer overflow in getnnmdata.exe. [severity:3/4; BID-40072, CVE-2010-1555, SSRT090230, ZDI-10-086, ZDI-CAN-575]

These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2009-0898 CVE-2009-3845 CVE-2009-3846

HP OpenView Network Node Manager: several vulnerabilities

Synthesis of the vulnerability

Several vulnerabilities of HP OpenView Network Node Manager lead to code execution.
Impacted products: OpenView, OpenView NNM.
Severity: 3/4.
Consequences: administrator access/rights, user access/rights, denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 12.
Creation date: 09/12/2009.
Revisions dates: 11/12/2009, 22/01/2010.
Identifiers: BID-37261, BID-37294, BID-37295, BID-37296, BID-37298, BID-37299, BID-37300, BID-37330, BID-37340, BID-37341, BID-37343, BID-37345, BID-37347, BID-37348, c01950877, CERTA-2009-AVI-544, CVE-2009-0898, CVE-2009-3845, CVE-2009-3846, CVE-2009-3847, CVE-2009-3848, CVE-2009-3849, CVE-2009-4176, CVE-2009-4177, CVE-2009-4178, CVE-2009-4179, CVE-2009-4180, CVE-2009-4181, HPSBMA02483, SSRT090037, SSRT090122, SSRT090128, SSRT090129, SSRT090130, SSRT090131, SSRT090132, SSRT090133, SSRT090134, SSRT090135, SSRT090164, SSRT090257, SSRT09101, TPTI-09-08, TPTI-09-09, TPTI-09-10, TPTI-09-11, TPTI-09-12, TPTI-09-13, TPTI-09-14, VIGILANCE-VUL-9264, ZDI-09-09, ZDI-09-095, ZDI-09-096, ZDI-09-097.

Description of the vulnerability

Several vulnerabilities were announced in HP OpenView Network Node Manager.

An unknown vulnerability can be used by a remote attacker in order to execute code. [severity:3/4; BID-37294, CERTA-2009-AVI-544, CVE-2009-0898, SSRT09101]

An attacker can directly send commands to the Perl CGI interpreter. [severity:3/4; BID-37300, CVE-2009-3845, SSRT090037, ZDI-09-09]

An attacker can use a long user/password in the ovlogin.exe CGI, in order to generate a buffer overflow. [severity:3/4; BID-37295, CVE-2009-3846, SSRT090122, TPTI-09-08]

An attacker can post long variables for Snmp.exe, which creates a buffer overflow. [severity:3/4; BID-37299, BID-37345, CVE-2009-3847, SSRT090128, ZDI-09-095]

An attacker can post long variables for nnmRptConfig.exe, which creates a buffer overflow in vsprintf(). [severity:3/4; BID-37296, CVE-2009-3848, SSRT090129, ZDI-09-096]

An attacker can post long variables for nnmRptConfig.exe, which creates a buffer overflow in strcat(). [severity:3/4; BID-37298, CVE-2009-3849, SSRT090130, ZDI-09-097]

An attacker can use a long user/password in the ovsessionmgr.exe CGI, in order to generate a buffer overflow. [severity:3/4; BID-37330, CVE-2009-4176, SSRT090131, TPTI-09-09]

An attacker can use a long Host header, in order to generate a buffer overflow in webappmon.exe. [severity:3/4; BID-37341, CVE-2009-4177, SSRT090132, TPTI-09-10]

An attacker can generate a buffer overflow in the OvWebHelp.exe CGI application. [severity:3/4; BID-37340, CVE-2009-4178, SSRT090133, TPTI-09-11]

An attacker can use a long Accept-Language header, in order to generate a buffer overflow in ovalarm.exe. [severity:3/4; BID-37347, CVE-2009-4179, SSRT090134, TPTI-09-12]

An attacker can use a long Host header, in order to generate a buffer overflow in snmpviewer.exe. [severity:3/4; BID-37348, CVE-2009-4180, SSRT090135, TPTI-09-13]

An attacker can post long variables for jovgraph.exe/ovwebsnmpsrv.exe, which creates a buffer overflow. [severity:3/4; BID-37343, CVE-2009-4181, SSRT090164, TPTI-09-14]

A remote attacker can use these vulnerabilities to generate a denial of service or to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2009-3840 CVE-2010-2710

HP OpenView Network Node Manager: denial of service

Synthesis of the vulnerability

An remote attacker can send a specially crafted packet to port 2690/tcp in order to generate a denial of service.
Impacted products: OpenView, OpenView NNM.
Severity: 2/4.
Consequences: denial of service on service.
Provenance: intranet client.
Number of vulnerabilities in this bulletin: 2.
Creation date: 18/11/2009.
Identifiers: BID-37046, BID-42636, c01926980, CERTA-2009-AVI-506, CVE-2009-3840, CVE-2010-2710, HPSBMA02477, SSRT090177, VIGILANCE-VUL-9205.

Description of the vulnerability

HP Openview Network Node Manager listen on port 2690/tcp.

For certain operations, the received packets contain among other data an error code. The service extracts the error code an shows to the user a corresponding string message. However; if the error code is invalid, the corresponding string is not found triggering an unhandled exception.

An remote attacker can thus send a specially crafted packet to port 2690/tcp in order to generate a denial of service.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.