|
|
|
Credit:
The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02000725
|
|
Vulnerable Systems:
* HP OpenView Network Node Manager (OV NNM) v7.51
* HP OpenView Network Node Manager (OV NNM) v7.53
Potential security vulnerabilities have been identified with the Java Runtime Environment (JRE) and Java Developer Kit (JDK) delivered with HP OpenView Network Node Manager (OV NNM). These vulnerabilities may allow remote unauthorized access, privilege escalation, execution of arbitrary code, and creation of a Denial of Service (DoS).
Patch Availability:
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches are available from
http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
OV NNM v7.53
Operating_System / Patch
HP-UX (IA) / PHSS_40374 or subsequent
HP-UX (PA) / PHSS_40375 or subsequent
Linux RedHatAS2.1 / LXOV_00101 or subsequent
Linux RedHat4AS-x86_64 / LXOV_00102 or subsequent
Solaris / PSOV_03525 or subsequent
Windows / NNM_01201 or subsequent
OV NNM v7.51
Upgrade to NNM v7.53 and apply the NNM v7.53 resolution listed above.
Patch bundles for upgrading from NNM v7.51 to NNM v7.53 are available using ftp:
Host / Account / Password
ftp.usa.hp.com / nnm_753 / Update53
CVE Information:
CVE-2008-2086
CVE-2008-5339
CVE-2008-5340
CVE-2008-5341
CVE-2008-5342
CVE-2008-5343
CVE-2008-5344
CVE-2008-5345
CVE-2008-5347
CVE-2008-5348
CVE-2008-5350
CVE-2008-5351
CVE-2008-5353
CVE-2008-5354
CVE-2008-5356
CVE-2008-5357
CVE-2008-5358
CVE-2008-5359
CVE-2008-5360
Disclosure Timeline:
Release Date: 2010-02-09
Last Updated: 2010-02-09
|
|
|
|