|
 |
|
HP OpenView Products Shared Trace Service Buffer Overflows
|
|
|
|
|
Secunia Advisory:
|
SA26394
|
|
|
Release Date:
|
2007-08-10
|
|
Last Update:
|
2008-04-09
|
|
|
Critical:
|

Moderately critical
|
|
Impact:
|
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | HP Business Process Insight (HPBPI) 1.x HP Business Process Insight (HPBPI) 2.x HP OpenView Business Process Insight (OVBPI) 1.x HP OpenView Business Process Insight (OVBPI) 2.x HP OpenView Dashboard 2.x HP OpenView Internet Service (OVIS) 6.x HP OpenView Network Node Manager (NNM) 6.x HP OpenView Network Node Manager (NNM) 7.x HP OpenView Operations HTTPS Agent 8.x HP OpenView Operations Manager for Windows (OVOW) 7.x HP OpenView Performance Agent HP OpenView Performance Insight (OVPI) 5.x HP OpenView Performance Manager (OVPM) 5.x HP OpenView Performance Manager (OVPM) 6.x HP OpenView Reporter 3.x HP OpenView Service Desk Process Insight (SDPI) 1.x HP OpenView Service Desk Process Insight (SDPI) 2.x HP OpenView Service Quality Manager (OV SQM) 1.x HP Service Desk Process Insight (HPSDPI) 1.x HP Service Desk Process Insight (HPSDPI) 2.x
|
| | CVE reference: | CVE-2007-1676 (Secunia mirror) CVE-2007-3872 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product? - Companies can be alerted via email and SMS! |
|
|
Description: Some vulnerabilities have been reported in HP OpenView products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to boundary errors in the Shared Trace Service component within ovtrcsvc.exe and OVTrace.exe when handling certain requests. These can be exploited to cause stack-based buffer overflows via sending specially crafted requests (opcode handler 0x1a or 0x0f) to the service.
The vulnerabilities affect the following products and versions:
* HP OpenView Internet Service (OVIS) v6.00, v6.10, v6.11 (Japanese), v6.20 running HP OpenView Cross Platform Component (XPL) vB.60.81.00, vB.60.90.00, and vB.61.90.000
* HP OpenView Performance Manager (OVPM) 5.x and 6.x
* HP OpenView Performance Agent (OVPA) 4.5 and 4.6
* HP OpenView Reporter 3.7
* HP OpenView Operations (OVO) Agents OVO8.x HTTPS agents
* HP OpenView Operations Manager for Windows (OVOW) v7.5 with the OpenView Operations (OVO) add on module for OpenView Operations-Business Availability Center (OVO-BAC)
* HP OpenView Quality Manager (OV SQM) v1.2 SP1, v1.3, v1.40 running HP OpenView Cross Platform Component (XPL) 2.60.041, 2.61.060 and 2.61.110
* HP OpenView Network Node Manager (OV NNM) v6.41, v7.01, v7.50, v7.51 running XPL earlier than 03.10.040
* HP OpenView Business Process Insight (OVBPI), HP Business Process Insight (HPBPI) , HP OpenView Service Desk Process Insight (SDPI), and HP Service Desk Process Insight (HPSDPI) versions 1.0, 1.1x, 2.0x and 2.10x
* HP OpenView Dashboard v2.01 running HP OpenView Cross Platform Component (XPL) vB.60.90.00 and vB.61.90.000
* HP OpenView Performance Insight (OVPI) v5.0, v5.1, v5.1.1, v5.1.2, v5.2 running HP OpenView Cross Platform Component (XPL) earlier than v3.10.040
Solution: Apply hotfixes. Please see the vendor's advisories for details.
Provided and/or discovered by: 1) Cody Pierce, Pedram Amini, and Aaron Portnoy of TippingPoint DV Labs
2) An anonymous researcher, reported via iDefense Labs.
Changelog: 2007-08-15: Updated "Description" and credits section. Added link to TippingPoint. Added CVE reference.
2007-08-20: Updated "Description" section to include HP OpenView Network Node Manager version 7.51 in list of affected versions.
2007-08-31: The vendor has updated HPSBMA02239 SSRT061260 with information about OV NNM and that patches PHSS_35457 and ITOSOL_00530 are available.
2008-04-09: The vendor has updated HPSBMA02242 SSRT061260 with information about OV NNM and that patches are available.
Original Advisory: HPSBMA02235 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515
HPSBMA02236 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171
HPSBMA02237 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584
HPSBMA02238 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617
HPSBMA02239 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576
HPSBMA02240 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627
HPSBMA02241 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851
HPSBMA02242 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038
HPSBMA02244 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023
HPSBMA02245 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156
HPSBMA02246 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068
iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574
TippingPoint:
http://dvlabs.tippingpoint.com/advisory/TPTI-07-14
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
16 Related Secunia Security Advisories, displaying 10
|
|
|
1. HP OpenView Network Node Manager Multiple Vulnerabilities
|
|
2. HP OpenView Network Node Manager Multiple Vulnerabilities
|
|
3. HP OpenView Network Node Manager ovspmd.exe Buffer Overflow
|
|
4. HP OpenView Network Node Manager Buffer Overflow Vulnerability
|
|
5. HP OpenView Network Node Manager Denial of Service
|
|
6. HP OpenView Network Node Manager Multiple Vulnerabilities
|
|
7. HP OpenView Network Node Manager Unspecified Cross-Site Scripting
|
|
8. HP OpenView Network Node Manager Unspecified Unauthorized Access
|
|
9. HP OpenView Network Node Manager Insecure Default Directory Permissions
|
|
10. HP OpenView Network Node Manager Two Vulnerabilities
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|

|
 |
Secunia PSI Scan | Patch | Track Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|