Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam  Beyond Security  SecuriTeam Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	HP OpenView Products Shared Trace Service Denial of Service 23 Oct. 2008    Summary Secunia Research has discovered a vulnerability in various HP products, which can be exploited by malicious people to cause a DoS (Denial of Service).   Credit: The information has been provided by Secunia Research. The original article can be found at: http://secunia.com/secunia_research/2007-83/    Details Protect your website! Use an External Vulnerability Scanner! Nothing to install. First report in 1 hour! www.beyondsecurity.com/vulnerability-scanner Vulnerable Systems:  * HP OpenView Report version 3.70  * HP Performance Agent version 4.70 The HP OpenView Trace Service exposes an RPC service on TCP port 5051 or 5053 that does not require authentication. By sending a particular sequence of RPC requests, an object is incorrectly referenced, which may cause a memory reference beyond an allocated buffer. CVE Information: CVE-2007-4349 Time Table: 15/10/2007 - Vendor contacted. 16/10/2007 - Vendor response. 10/06/2008 - Status update requested. 12/08/2008 - Status update requested. 12/08/2008 - Vendor responds with expected release date before end of September. 22/10/2008 - Public disclosure.  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Microsoft Office Excel Malformed Records Stack Buffer Overflow (MS09-021) Microsoft Excel Record Parsing Array Indexing Vulnerability (MS09-021) Microsoft Excel String Parsing Integer Overflow Vulnerability (MS09-021) libpurple MSN Protocol SLP Message Heap Overflow Vulnerability CA ARCserve Backup Message Engine Denial of Service Vulnerabilities Microsoft Internet Explorer setCapture Memory Corruption Vulnerability (MS09-019) Microsoft Internet Explorer Security Zone Restrictions Bypass Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability (MS09-019) Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability (MS09-019) Microsoft Internet Explorer DHTML Handling Memory Corruption Vulnerability (MS09-019) Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption (MS09-019) DX Studio Player Firefox Plug-in Command Injection SAP GUI Buffer Overflow Vulnerability Microsoft Office Word Document Parsing Buffer Overflow Vulnerability (MS09-027) Microsoft Active Directory Hexdecimal DN AttributeValue Invalid Free Vulnerability (MS09-018)  Featured Articles Adobe Shockwave Player Director File Parsing Pointer Overwrite Mozilla Firefox Java Applet Loading Vulnerability Microsoft Internet Explorer Security Zone Restrictions Bypass Adobe Acrobat and Reader Heap Overflow Vulnerability Adobe Reader U3D Stack Overflow Vulnerability Apple CUPS NULL Pointer Vulnerability SonicWALL Global Security Client Privilege Escalation Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®