Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Gain root remotely --> Category: infos

HP OpenView NNM multiple services Heap Overflow Vulnerability Scan


Vulnerability Scan Summary
Checks for HP OpenView NNM Heap Overflow

Detailed Explanation for this Vulnerability Test

Synopsis :

Arbitrary code can be executed on the remote host due to a flaw in the
HP OpenView Topology Manager Daemon.

Description :

The remote host is running HP OpenView Topology Manager Daemon for IP
discovery and layout.

The remote version of this software is vulnerable to a Heap Overflow
vulnerability.

An unauthenticated attacker can exploit this flaw by sending a
specialy crafted packet to the remote host. A successful exploitation
of this vulnerability would result in remote code execution with the
rights of the daemon itself.

Note that other OV NNM services are vulnerable this flaw as well.

See also :

http://www.securityfocus.com/advisories/8372

Solution :

Install one of the patches listed in the advisory referenced above.

Threat Level:

Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.