TITLE:
HP OpenView Application Manager using Radia Buffer Overflows

SECUNIA ADVISORY ID:
SA15567

VERIFY ADVISORY:
http://secunia.com/advisories/15567/

CRITICAL:
Moderately critical

IMPACT:
System access

WHERE:
From local network

SOFTWARE:
HP OpenView Application Manager using Radia 4.x
http://secunia.com/product/5203/
HP OpenView Application Manager using Radia 3.x
http://secunia.com/product/5202/
HP OpenView Application Manager using Radia 2.x
http://secunia.com/product/5201/

DESCRIPTION:
John Cartwright has reported some vulnerabilities in HP OpenView
Application Manager using Radia, which can be exploited by malicious
people to compromise a vulnerable system.

1) A boundary error in the "nvd_exec()" function in the Radia Notify
Daemon can be exploited to cause a stack-based buffer overflow by
sending a specially crafted request with an overly long parameter
(more than 512 bytes).

Successful exploitation allows execution of arbitrary code.

2) A boundary error in the processing of command variable extensions
in the Radia Notify Daemon can be exploited to cause a stack-based
buffer overflow by sending a specially crafted request with an overly
long file extension.

Successful exploitation allows execution of arbitrary code.

The vulnerabilities affect versions 2.x, 3.x, and 4.x.

SOLUTION:
Apply patches (see vendor advisory).

PROVIDED AND/OR DISCOVERED BY:
John Cartwright

ORIGINAL ADVISORY:
SSRT5962:
http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01143

John Cartwright:
http://www.grok.org.uk/advisories/radexecd.html
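
An added illustration of the boundary check that both issues in the DESCRIPTION lack, not code from HP, Secunia or the reporter: a hypothetical request parser that rejects an overly long parameter or file extension instead of copying it into a fixed-size buffer. The 512-byte limit is taken from the advisory; `struct request`, `parse_request`, `bounded_copy` and the 8-byte extension limit are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define PARAM_MAX 512  /* from the advisory: overflow at "more than 512 bytes" */
#define EXT_MAX   8    /* assumed limit, constructed for this illustration */

struct request {       /* hypothetical parsed request, not Radia's layout */
    char param[PARAM_MAX];
    char ext[EXT_MAX];
};

/* Unchecked pattern behind this bug class: strcpy(stack_buf, sender_data).
 * bounded_copy() instead copies only when src fits with its terminator.
 * Returns 0 on success, -1 if src is NULL or too long (dst left empty). */
static int bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t n;
    if (dst_size == 0) return -1;
    dst[0] = '\0';
    if (src == NULL) return -1;
    for (n = 0; n < dst_size && src[n] != '\0'; n++)
        ;                          /* never reads past dst_size bytes */
    if (n == dst_size) return -1;  /* no room for the terminator: reject */
    memcpy(dst, src, n + 1);
    return 0;
}

/* Store the parameter and the extension of its file name; reject, never
 * truncate, anything that does not fit. Returns 0 on success, -1 otherwise. */
int parse_request(struct request *req, const char *param)
{
    const char *base, *dot;
    if (bounded_copy(req->param, sizeof req->param, param) != 0)
        return -1;
    base = strrchr(req->param, '/');
    base = base ? base + 1 : req->param;
    dot = strrchr(base, '.');
    if (dot == NULL) { req->ext[0] = '\0'; return 0; }
    return bounded_copy(req->ext, sizeof req->ext, dot + 1);
}

int main(void)
{
    struct request r;
    printf("%d\n", parse_request(&r, "/opt/app/run.cmd"));  /* constructed input */
    return 0;
}
```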