| VID |
23141 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The HP OpenView Topology Manager service is detected as being vulnerable to a heap-based overflow vulnerability. HP OpenView Topology Manager Daemon is part of the HP OpenView Management suite used for IP discovery and layout. HP OpenView Network Node Manager (NNM) versions 6.2 through 6.4, and 7.01 through 7.50 are vulnerable to a heap-based buffer overflow vulnerability. By sending a specially crafted packet to the vulnerable server (default port 2532/TCP), a remote unauthenticated attacker can execute arbitrary code on the system with the privileges of the daemon itself.
* References:
http://www.securitytracker.com/alerts/2005/Apr/1013651.html
* Platforms Affected:
HP OpenView Network Node Manager 6.2 through 6.4, and 7.01 through 7.50
Any operating system Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in Hewlett-Packard Company Security Bulletin HPSBMA01125 at http://www.securityfocus.com/advisories/8372 |
| Related URL |
CVE-2005-1056 (CVE) |
| Related URL |
13029 (SecurityFocus) |
| Related URL |
19993 (ISS) |
|
