|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
OpenView NNM: code execution
Synthesis of the vulnerability
Three vulnerabilities of HP OpenView Network Node Manager can be used by a remote attacker to execute code.
Vulnerable products: OpenView, OpenView NNM.
Severity of this weakness: 3/4.
Consequences of a hack: privileged access/rights, user access/rights.
Hacker's origin: intranet client.
Number of vulnerabilities in this bulletin: 3.
Creation date: 02/11/2011.
Revision date: 06/01/2012.
Références of this bulletin: BID-50471, BID-51049, c03054052, CERTA-2011-AVI-611, CVE-2011-3165, CVE-2011-3166, CVE-2011-3167, HPSBMU02712, SSRT100649, VIGILANCE-VUL-11118, ZDI-11-348, ZDI-12-002, ZDI-12-003, ZDI-CAN-1208, ZDI-CAN-1209, ZDI-CAN-1210.
Description of the vulnerability
Three vulnerabilities were announced in HP OpenView Network Node Manager.
An attacker can use a large nameParams parameter for the CGI nnmRptConfig.exe program, in order to execute code. [severity:3/4; BID-51049, CERTA-2011-AVI-611, CVE-2011-3165, ZDI-11-348, ZDI-CAN-1208]
An attacker can create an overflow in the webappmon.exe CGI program, which leads to code execution. [severity:3/4; CVE-2011-3166, ZDI-12-003, ZDI-CAN-1209]
An attacker can use a long textFile option for ov.dll, in order to create an overflow in _OVBuildPath, which leads to code execution. [severity:3/4; CVE-2011-3167, ZDI-12-002, ZDI-CAN-1210]
These vulnerabilities can be used by a remote attacker to execute code.
Full Vigil@nce bulletin... (Free trial)
Computer vulnerabilities tracking service
Vigil@nce provides application vulnerability analysis. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system. The Vigil@nce vulnerability database contains several thousand vulnerabilities. The technology watch team tracks security threats targeting the computer system.