|
|
|
|
| |
Credit:
The information has been provided by iDefense.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=810
|
| |
Vulnerable Systems:
* HP Network Node Manager version 7.53 for Linux
The vulnerability exists within the 'rping' application, which is distributed with the Linux version of NNM. It is possible for a remote attacker to launch the 'rping' application and trigger a stack based buffer overflow.
Exploitation of this vulnerability results in the execution of arbitrary code with the privileges of the affected service. On RedHat Enterprise 4, the application is started as the user 'bin'. 'rping' is not compiled with compiler protections such as stack cookies or the -pie flag, which makes exploitation less difficult.
Patch Availability:
Hewlett-Packard Development Co. LP (HP) has released a patch which addresses this issue. http://support.openview.hp.com/selfsolve/patches
CVE Information:
CVE-2009-1420
Disclosure Timeline:
05/19/2008 - Initial Contact
07/10/2008 - Initial Vendor Reply
06/30/2008 - Vendor validated issue
06/30/2008 - Vendor requested PoC
07/10/2008 - PoC sent to vendor
06/09/2009 - Vendor Patched
06/25/2009 - Requested Status from Vendor
06/25/2009 - Vendor provides disclosure details
06/26/2009 - Coordinated Public Disclosure
|
|
|
|
|
