Secunia CSI7
Advisories
Research
Forums
Create Profile
Our Commitment
Database
Search
Advisories by Product
Advisories by Vendor
Terminology
Report Vulnerability
Insecure Library Loading
Moderately critical

HP OpenView Products Shared Trace Service Buffer Overflows

-

Release Date:  2007-08-10    Last Update:  2008-04-09    Views:  15,582

Secunia Advisory SA26394

Where:

From local network

Impact:

System access

Solution Status:

Vendor Patch

Software:

CVE Reference(s):

Description


Some vulnerabilities have been reported in HP OpenView products, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerabilities are caused due to boundary errors in the Shared Trace Service component within ovtrcsvc.exe and OVTrace.exe when handling certain requests. These can be exploited to cause stack-based buffer overflows via sending specially crafted requests (opcode handler 0x1a or 0x0f) to the service.

The vulnerabilities affect the following products and versions:
* HP OpenView Internet Service (OVIS) v6.00, v6.10, v6.11 (Japanese), v6.20 running HP OpenView Cross Platform Component (XPL) vB.60.81.00, vB.60.90.00, and vB.61.90.000
* HP OpenView Performance Manager (OVPM) 5.x and 6.x
* HP OpenView Performance Agent (OVPA) 4.5 and 4.6
* HP OpenView Reporter 3.7
* HP OpenView Operations (OVO) Agents OVO8.x HTTPS agents
* HP OpenView Operations Manager for Windows (OVOW) v7.5 with the OpenView Operations (OVO) add on module for OpenView Operations-Business Availability Center (OVO-BAC)
* HP OpenView Quality Manager (OV SQM) v1.2 SP1, v1.3, v1.40 running HP OpenView Cross Platform Component (XPL) 2.60.041, 2.61.060 and 2.61.110
* HP OpenView Network Node Manager (OV NNM) v6.41, v7.01, v7.50, v7.51 running XPL earlier than 03.10.040
* HP OpenView Business Process Insight (OVBPI), HP Business Process Insight (HPBPI) , HP OpenView Service Desk Process Insight (SDPI), and HP Service Desk Process Insight (HPSDPI) versions 1.0, 1.1x, 2.0x and 2.10x
* HP OpenView Dashboard v2.01 running HP OpenView Cross Platform Component (XPL) vB.60.90.00 and vB.61.90.000
* HP OpenView Performance Insight (OVPI) v5.0, v5.1, v5.1.1, v5.1.2, v5.2 running HP OpenView Cross Platform Component (XPL) earlier than v3.10.040


Solution:
Apply hotfixes. Please see the vendor's advisories for details.

Provided and/or discovered by:
1) Cody Pierce, Pedram Amini, and Aaron Portnoy of TippingPoint DV Labs
2) An anonymous researcher, reported via iDefense Labs.

Original Advisory:
HPSBMA02235 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01106515

HPSBMA02236 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109171

HPSBMA02237 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109584

HPSBMA02238 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01109617

HPSBMA02239 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110576

HPSBMA02240 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01110627

HPSBMA02241 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01111851

HPSBMA02242 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01112038

HPSBMA02244 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114023

HPSBMA02245 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01114156

HPSBMA02246 SSRT061260:
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01115068

iDefense Labs:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=574

TippingPoint:
http://dvlabs.tippingpoint.com/advisory/TPTI-07-14

Deep Links:
Links available to Secunia VIM customers

Do you have additional information related to this advisory?

Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this information to vuln@secunia.com

Subject: HP OpenView Products Shared Trace Service Buffer Overflows

No posts yet

-

You must be logged in to post a comment.



 Products Solutions Customers Partner Resources Company
 
 Corporate
Vulnerability Intelligence Manager (VIM)
Corporate Software Inspector (CSI)
Consumer
Personal Software Inspector (PSI)
Online Software Inspector (OSI)
 Industry
Compliance
Technology
Integration
 Customers
Testimonials
 VARS
MSSP
Technology Partners
References
 Factsheets
Reports
Webinars
Events
 About us
Careers
Memberships
Newsroom


 
© 2002-2014 Secunia ApS - Rued Langgaards Vej 8, 4th floor, DK-2300 Copenhagen, Denmark - +45 7020 5144
Terms & Conditions and Copyright - Privacy - Report Vulnerability