The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability bulletin CVE-2011-3165 CVE-2011-3166 CVE-2011-3167

OpenView NNM: code execution

Synthesis of the vulnerability

Three vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Vulnerable products: OpenView, OpenView NNM.
Severity of this weakness: 3/4.
Consequences of a hack: privileged access/rights, user access/rights.
Hacker's origin: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/11/2011.
Revision date: 06/01/2012.
Références of this bulletin: BID-50471, BID-51049, c03054052, CERTA-2011-AVI-611, CVE-2011-3165, CVE-2011-3166, CVE-2011-3167, HPSBMU02712, SSRT100649, VIGILANCE-VUL-11118, ZDI-11-348, ZDI-12-002, ZDI-12-003, ZDI-CAN-1208, ZDI-CAN-1209, ZDI-CAN-1210.

Description of the vulnerability

Three vulnerabilities were announced in HP OpenView Network Node Manager.

An attacker can use a large nameParams parameter for the CGI nnmRptConfig.exe program, in order to execute code. [severity:3/4; BID-51049, CERTA-2011-AVI-611, CVE-2011-3165, ZDI-11-348, ZDI-CAN-1208]

An attacker can create an overflow in the webappmon.exe CGI program, which leads to code execution. [severity:3/4; CVE-2011-3166, ZDI-12-003, ZDI-CAN-1209]

An attacker can use a long textFile option for ov.dll, in order to create an overflow in _OVBuildPath, which leads to code execution. [severity:3/4; CVE-2011-3167, ZDI-12-002, ZDI-CAN-1210]

These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides application vulnerability analysis. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system.