DOE-CIRC TECHNICAL BULLETIN

T-274: HP OpenView Network Node Manager Remote Denial of Service Vulnerability

[CVE-2009-3840]

November 18, 2009 17:00 GMT

PROBLEM: A vulnerability was reported in HP OpenView. A remote user can execute arbitrary code on the target system. A remote user can cause denial of service conditions.
PLATFORM: HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows
ABSTRACT: A remote user can send specially crafted data with an invalid error code number to the 'ovdbrun.exe' database service on TCP port 2690 to cause the target service to crash or potentially execute arbitrary code.

LINKS:
  DOE-CIRC BULLETIN: http://www.doecirc.energy.gov/bulletins/t-274.shtml
  OTHER LINKS: Security Tracker: http://securitytracker.com/alerts/2009/Nov/1023191.html

  CVE: CVE-2009-3840

IMPACT ASSESSMENT: This risk is medium. A remote user can execute arbitrary code or create a denial of service on the targeted system.

[***** Start CVE-2009-3840 *****]
Discussion:
A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to create a Denial of Service (DoS).

Vulnerable:
HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows

Solution:
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.

The patches are available from http://support.openview.hp.com/selfsolve/patches 


[***** End CVE-2009-3840 *****]

DOE-CIRC services are available to DOE, DOE Contractors, and the NIH. DOE-CIRC can be contacted at:
    Voice:          866-941-2472
    E-mail:          doecirc@doecirc.energy.gov
    World Wide Web:  http://www.doecirc.energy.gov


UCRL-MI-119788