Some vulnerabilities have been reported in HP OpenView products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerabilities are caused due to boundary errors in the Shared Trace Service component within ovtrcsvc.exe and OVTrace.exe when handling certain requests. These can be exploited to cause stack-based buffer overflows via sending specially crafted requests (opcode handler 0x1a or 0x0f) to the service.
The vulnerabilities affect the following products and versions:
* HP OpenView Internet Service (OVIS) v6.00, v6.10, v6.11 (Japanese), v6.20 running HP OpenView Cross Platform Component (XPL) vB.60.81.00, vB.60.90.00, and vB.61.90.000
* HP OpenView Performance Manager (OVPM) 5.x and 6.x
* HP OpenView Performance Agent (OVPA) 4.5 and 4.6
* HP OpenView Reporter 3.7
* HP OpenView Operations (OVO) Agents OVO8.x HTTPS agents
* HP OpenView Operations Manager for Windows (OVOW) v7.5 with the OpenView Operations (OVO) add on module for OpenView Operations-Business Availability Center (OVO-BAC)
* HP OpenView Quality Manager (OV SQM) v1.2 SP1, v1.3, v1.40 running HP OpenView Cross Platform Component (XPL) 2.60.041, 2.61.060 and 2.61.110
* HP OpenView Network Node Manager (OV NNM) v6.41, v7.01, v7.50, v7.51 running XPL earlier than 03.10.040
* HP OpenView Business Process Insight (OVBPI), HP Business Process Insight (HPBPI) , HP OpenView Service Desk Process Insight (SDPI), and HP Service Desk Process Insight (HPSDPI) versions 1.0, 1.1x, 2.0x and 2.10x
* HP OpenView Dashboard v2.01 running HP OpenView Cross Platform Component (XPL) vB.60.90.00 and vB.61.90.000
* HP OpenView Performance Insight (OVPI) v5.0, v5.1, v5.1.1, v5.1.2, v5.2 running HP OpenView Cross Platform Component (XPL) earlier than v3.10.040
Solution: Apply hotfixes. Please see the vendor's advisories for details.
Provided and/or discovered by: 1) Cody Pierce, Pedram Amini, and Aaron Portnoy of TippingPoint DV Labs
2) An anonymous researcher, reported via iDefense Labs.
Original Advisory: HPSBMA02235 SSRT061260:
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com
Subject: HP OpenView Products Shared Trace Service Buffer Overflows
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.