Check Point Advisories

Update Protection against HP OpenView Network Node Manager Denial of Service

Check Point Reference: CPAI-2009-302
Date Published: 25 Nov 2009
Severity: High
Last Updated: Thursday 01 January, 2009
Source: Secunia Advisory: SA37376
Industry Reference:CVE-2009-3840
Protection Provided by:
Who is Vulnerable? HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.53
Vulnerability Description A denial of service vulnerability exists in HP OpenView Network Node Manager. The flaw is due to a design weakness when processing crafted packets sent to the server. Remote attackers could exploit this vulnerability by sending a malicious request to the affected TCP port. Successful exploitation can lead to a denial of service condition of the target system.
Update/Patch AvaliableThe vendor, HP, has released an advisory addressing this vulnerability:
Hp Support
Vulnerability DetailsThe vulnerability is caused due to an error in the database service (ovdbrun.exe) when processing TCP packets. This can be exploited to terminate the service via a specially crafted packet containing an invalid error code.

Protection Overview

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK