Public Safety Canada
publicsafety.gc.ca
Home > Programs > Response > CCIRC > Analytical releases 2010 > AV10-026: Multiple Vulnerabilities in HP OpenView Network Node Manager
Number: AV10-026 Date: 03 August 2010
The purpose of this advisory is to raise awareness of multiple remotely exploitable vulnerabilities in some versions of HP OpenView Network Node Manager.
The following three high severity vulnerabilities have been recently identified in HP OpenView Network Node Manager Software product:
CVE-2010-2709 CVSS Rating: 7.5, High Release Date: 3 August 2010 This vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. Reference: http://securitytracker.com/alerts/2010/Aug/1024274.html http://seclists.org/bugtraq/2010/Aug/21
CVE-2010-2704 CVSS Rating: 10, High Release Date: 21 July 2010 Updated: 28 July 2010 A remote user can send specially crafted data to trigger a buffer overflow in nnmrptconfig.exe and execute arbitrary code on the target system. The code will run with the privileges of the target web service. Reference: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02290344 http://securitytracker.com/alerts/2010/Jul/1024238.html http://www.vupen.com/english/advisories/2010/1866 http://www.securityfocus.com/archive/1/archive/1/512544/100/0/threaded
CVE-2010-2703 CVSS Rating: 10, High Release Date: 20 July 2010 Updated: 28 July 2010 A remote user can send specially crafted data to trigger a buffer overflow in ov.dll and execute arbitrary code on the target system. The code will run with the privileges of the target service. Only Windows-based systems are affected. Reference: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02286088 http://securitytracker.com/alerts/2010/Jul/1024224.html http://www.vupen.com/english/advisories/2010/1866 http://www.securityfocus.com/archive/1/archive/1/512552/100/0/threaded
A vendor fix is available for each of these vulnerabilities.
Affected Products:
CCIRC recommends that organizations liaise with the administrators/maintainers of the affected products to assess exposure and apply vendor-recommended updates and/or workarounds as appropriate.
The Canadian Cyber Incident Response Centre (CCIRC) provides a focal point for Canada's cyber threat and vulnerability warning, analysis and response. CCIRC is responsible for assuring the resilience of national critical infrastructure through monitoring threats and coordinating a federal response to cyber security incidents of national interest. CCIRC operates in conjunction with the Government Operations Centre (GOC) within Public Safety Canada and is a key component of the government's all-hazards approach to emergency management and national security.
For general information, please contact Public Safety Canada's Public Affairs division at:
Telephone: 613-944-4875 or 1-800-830-3118 Fax: 613-998-9589 E-mail: communications@ps-sp.gc.ca