HP OpenView Network Node Manager Database Service Denial of Service
SECUNIA ADVISORY ID: SA37376
VERIFY ADVISORY: http://secunia.com/advisories/37376/
DESCRIPTION: Damián Frizza has reported a vulnerability in HP OpenView Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an error in the database service (ovdbrun.exe) when processing TCP packets. This can be exploited to terminate the service via a specially crafted packet sent to TCP port 2690, containing an invalid error code.
The vulnerability is reported in versions 7.51 and 7.53 running on HP-UX, Linux, Solaris, and Windows.
SOLUTION: Apply patches via FTP. Please see the vendor’s advisory for more details.
– HP OpenView Network Node Manager 7.53 –
HP-UX (IA): Apply patch PHSS_38489 or subsequent (solid_hotfix_HPUXIA.tar).
HP-UX (PA): Apply patch PHSS_38488 or subsequent (solid_hotfix_HPUXPA.tar).
Linux RedHatAS2.1: Apply patch LXOV_00087 or subsequent as soon as available.
Linux RedHat4AS-x86_64: Apply LXOV_00088 or subsequent (solid_hotfix_Linux2.6.tar).
Solaris: Apply PSOV_03515 or subsequent (ovdbcheck_hotfix_solaris.tar, solid_hotfix_Solaris.tar).
Windows: Apply NNM_01193 or subsequent (solid_hotfix_windows.zip).
— HP OpenView Network Node Manager 7.51 –
Upgrade to version 7.53 and apply patches.
PROVIDED AND/OR DISCOVERED BY: Damián Frizza, Core Security Technologies
ORIGINAL ADVISORY: HPSBMA02477 SSRT090177: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01926980
Core Security Technologies: http://www.coresecurity.com/content/openview_nnm_internaldb_dos
———————————————————————-