TITLE:
HP OpenView Network Node Manager Buffer Overflow Vulnerabilities

SECUNIA ADVISORY ID:
SA34444

VERIFY ADVISORY:
http://secunia.com/advisories/34444/

DESCRIPTION:
Core Security Technologies has reported some vulnerabilities in HP OpenView Network Node Manager, which can be exploited by malicious people to potentially compromise a vulnerable system.

1) A boundary error can be exploited to cause a stack-based buffer overflow via an HTTP request containing an overly long "OvOSLocale" parameter sent to Toolbar.exe.

2) A boundary error can be exploited to cause a heap-based buffer overflow via an HTTP request containing an overly long "OvAcceptLang" parameter sent to Toolbar.exe.

3) A boundary error when processing HTTP requests sent to the "Toolbar.exe" CGI application can be exploited to cause a heap-based buffer overflow via an overly long "Accept-Language" header.

Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

The vulnerabilities are reported in versions 7.01, 7.51, and 7.53 running on HP-UX, Linux, Solaris, and Windows.

SOLUTION:
Install patches and apply hotfix.

http://support.openview.hp.com/selfsolve/patches
ftp://ss090008:ss090008@hprc.external.hp.com/

-- OV NNM v7.53 --

HP-UX (IA):
Install PHSS_38783 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

HP-UX (PA):
Install PHSS_38782 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Linux RedHatAS2.1:
Install LXOV_00089 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Linux RedHat4AS-x86_64:
Install LXOV_00090 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Solaris:
Install PSOV_03517 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Windows:
Install NNM_01195 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

-- OV NNM v7.51 --

Upgrade to NNM v7.53 and install the patches listed above.

Patch bundles for upgrading from NNM v7.51 to NNM v5.53 are available here:
ftp://nnm_753:update@hprc.external.hp.com/

-- OV NNM v7.01 --

HP-UX (PA):
Install PHSS_38761 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Solaris:
Install PSOV_03516 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

Windows:
Install NNM_01194 or subsequent and apply SSRT090008.QCCR1B26779.hotfix.tar.

PROVIDED AND/OR DISCOVERED BY:
Oren Isacson, Core Security Technologies.

ORIGINAL ADVISORY:
HPSBMA02416 SSRT090008:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01696729

Core Security:
http://www.coresecurity.com/content/openview-buffer-overflows

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/

Please Note:
Secunia recommends that you verify all advisories you receive by clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only use those supplied by the vendor.
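
Added example (not part of the Secunia advisory or of HP's fix): a detection check for the three inputs named in the description, flagging requests to Toolbar.exe whose OvOSLocale, OvAcceptLang or Accept-Language value is unusually long. The 64-byte threshold, the /cgi/ path, the nnm.example host and the sample requests are constructed assumptions; the advisory states no length limit.

```python
from urllib.parse import parse_qsl, urlsplit

# Assumption: the advisory states no length limit. Locale and language values
# are normally short, so 64 bytes is a constructed, tunable threshold.
MAX_LEN = 64
WATCHED_PARAMS = ("ovoslocale", "ovacceptlang")  # parameter names from the advisory

def inspect_request(raw: bytes) -> list:
    """Return findings for one raw HTTP request aimed at Toolbar.exe."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) < 2:
        return []  # not a parseable request line
    url = urlsplit(parts[1])
    if not url.path.lower().endswith("/toolbar.exe"):
        return []  # a different CGI; out of scope for this advisory
    findings = []
    # Parameters may arrive in the query string or in a form-encoded body.
    # latin-1 maps each percent-decoded byte to one character, so len() is bytes.
    pairs = parse_qsl(url.query, keep_blank_values=True, encoding="latin-1")
    pairs += parse_qsl(body.decode("latin-1"), keep_blank_values=True, encoding="latin-1")
    for name, value in pairs:
        if name.lower() in WATCHED_PARAMS and len(value) > MAX_LEN:
            findings.append(f"{name}: {len(value)} bytes")
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "accept-language" and len(value.strip()) > MAX_LEN:
            findings.append(f"Accept-Language: {len(value.strip())} bytes")
    return findings

# Constructed sample requests (path and host are placeholders, not from the advisory).
HOST = b"Host: nnm.example\r\n"
SAMPLES = {
    "normal": b"GET /cgi/Toolbar.exe?OvOSLocale=en_US&OvAcceptLang=en HTTP/1.1\r\n"
              + HOST + b"Accept-Language: en-US,en;q=0.8\r\n\r\n",
    "long_param": b"GET /cgi/Toolbar.exe?OvOSLocale=" + b"x" * 300 + b" HTTP/1.1\r\n"
                  + HOST + b"\r\n",
    "long_header": b"GET /cgi/Toolbar.exe HTTP/1.1\r\n" + HOST
                   + b"Accept-Language: " + b"x" * 500 + b"\r\n\r\n",
    "long_body": b"POST /cgi/Toolbar.exe HTTP/1.1\r\n" + HOST
                 + b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
                 + b"OvAcceptLang=" + b"x" * 200,
    "other_cgi": b"GET /cgi/Other.exe?OvOSLocale=" + b"x" * 300 + b" HTTP/1.1\r\n"
                 + HOST + b"\r\n",
}

if __name__ == "__main__":
    for label, request in SAMPLES.items():
        print(label, inspect_request(request))
```

Hits from this check indicate probing or malformed clients and are worth alerting on even after the patches and hotfix listed under SOLUTION are installed.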