|
Family: Gain root remotely --> Category: infos
HP OpenView NNM multiple services Heap Overflow Vulnerability Scan
Vulnerability Scan Summary Checks for HP OpenView NNM Heap Overflow
Detailed Explanation for this Vulnerability Test
Synopsis :
Arbitrary code can be executed on the remote host due to a flaw in the
HP OpenView Topology Manager Daemon.
Description :
The remote host is running HP OpenView Topology Manager Daemon for IP
discovery and layout.
The remote version of this software is vulnerable to a Heap Overflow
vulnerability.
An unauthenticated attacker can exploit this flaw by sending a
specialy crafted packet to the remote host. A successful exploitation
of this vulnerability would result in remote code execution with the
rights of the daemon itself.
Note that other OV NNM services are vulnerable this flaw as well.
See also :
http://www.securityfocus.com/advisories/8372
Solution :
Install one of the patches listed in the advisory referenced above.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|