Critical holes in HP OpenView NetworkManager
Security experts have discovered critical vulnerabilities in Hewlett Packard's OpenView NetworkManager IT software. Due to buffer overflows, remote attackers can potentially take full control of systems that run a vulnerable version of the software. HP says that versions 7.01, 7.51 and 7.53 are affected.
The vendor has confirmed the problems discovered by Core Security security specialists and has released an advisory about the issue. Patches can be downloaded to fix the problem. HP recommends that the admins of affected systems act immediately and update their vulnerable systems.
See also:
- HP OPENVIEW BUFFER Overflows, original advisory by Core Security
- HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, advisory by HP
(crve)