CERTA-2000-AVI-053
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité à été découverte dans le service d'alarme de HP Openview Node Manager v6.1.
Description
HP Openview Node Manger v6.1 posséde un service d'alarme ( OVALARMSRV ) qui ne vérifie pas correctement certaines variables d'environnement. Un utilisateur distant, mal intentionné, peut provoquer un débordement de pile créant ainsi un déni de service sur ce service.
Solution
Correctifs à appliquer suivant les versions d'OS :
- Sous HP-UX 11.00 : PHSS_22407
- Sous HP-UX 10.X : PHSS_22406
- Sous SOLARIS 2.X : PSOV_02830
- Sous Windows NT4/2000 : NNM_00621
Ces correctifs sont téléchargeables à l'adresse :
http://ovweb.external.hp.com/cpe/patches/
Impacted products
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "HP Openview Node Manager v6.1 sous HP-UX 11.00 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Openview Node Manager v6.1 sous SOLARIS 2.X ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Openview Node Manager v6.1 sous HP-UX 10.X ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "HP Openview Node Manager v6.1 sous Windows NT4/2000.",
"product": {
"name": "Windows",
"vendor": {
"name": "Microsoft",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nHP Openview Node Manger v6.1 poss\u00e9de un service d\u0027alarme ( OVALARMSRV )\nqui ne v\u00e9rifie pas correctement certaines variables d\u0027environnement. Un\nutilisateur distant, mal intentionn\u00e9, peut provoquer un d\u00e9bordement de\npile cr\u00e9ant ainsi un d\u00e9ni de service sur ce service.\n\n## Solution\n\nCorrectifs \u00e0 appliquer suivant les versions d\u0027OS :\n\n- Sous HP-UX 11.00 : PHSS_22407\n- Sous HP-UX 10.X : PHSS_22406\n- Sous SOLARIS 2.X : PSOV_02830\n- Sous Windows NT4/2000 : NNM_00621\n\nCes correctifs sont t\u00e9l\u00e9chargeables \u00e0 l\u0027adresse :\n\n http://ovweb.external.hp.com/cpe/patches/\n",
"cves": [],
"links": [
{
"title": "Site HP :",
"url": "http://itrc.hp.com"
}
],
"reference": "CERTA-2000-AVI-053",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2000-09-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 \u00e0 \u00e9t\u00e9 d\u00e9couverte dans le service d\u0027alarme de HP\nOpenview Node Manager v6.1.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans HP OpenView",
"vendor_advisories": [
{
"published_at": null,
"title": "NTBugTraq",
"url": null
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…