The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Vulnerability of OpenView NNM: code execution

Synthesis of the vulnerability

Three vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Severity of this weakness: 3/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/11/2011.
Revision date: 06/01/2012.
Références of this bulletin: BID-50471, BID-51049, c03054052, CERTA-2011-AVI-611, CVE-2011-3165, CVE-2011-3166, CVE-2011-3167, HPSBMU02712, SSRT100649, VIGILANCE-VUL-11118, ZDI-11-348, ZDI-12-002, ZDI-12-003, ZDI-CAN-1208, ZDI-CAN-1209, ZDI-CAN-1210.

Description of the vulnerability

Three vulnerabilities were announced in HP OpenView Network Node Manager.

An attacker can use a large nameParams parameter for the CGI nnmRptConfig.exe program, in order to execute code. [severity:3/4; BID-51049, CERTA-2011-AVI-611, CVE-2011-3165, ZDI-11-348, ZDI-CAN-1208]

An attacker can create an overflow in the webappmon.exe CGI program, which leads to code execution. [severity:3/4; CVE-2011-3166, ZDI-12-003, ZDI-CAN-1209]

An attacker can use a long textFile option for ov.dll, in order to create an overflow in _OVBuildPath, which leads to code execution. [severity:3/4; CVE-2011-3167, ZDI-12-002, ZDI-CAN-1210]

These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)

This security threat impacts software or systems such as OpenView, OpenView NNM.

Our Vigil@nce team determined that the severity of this computer weakness note is important.

The trust level is of type confirmed by the editor, with an origin of intranet client.

This bulletin is about 3 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a technician ability can exploit this computer threat alert.

Solutions for this threat

OpenView NNM: patch.
A patch is available:
  HP-UX (IA) : PHSS_42233
  HP-UX (PA) : PHSS_42232
  Linux RedHatAS2.1 : LXOV_00121
  Linux RedHat4AS-x86_64 : LXOV_00122
  Solaris : PSOV_03535
  Windows : NNM_01213
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a computers vulnerabilities workaround. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.