HP OpenView Network Node Manager DoS

2003-10-21T10:17:03
ID OSVDB:2682
Type osvdb
Reporter OSVDB
Modified 2003-10-21T10:17:03

Description

Vulnerability Description

HP OpenView Network Node Manager contains a flaw that may allow a remote denial of service. By sending specially crafted packets to the listening TCP port of certain NNM process, a malicious user can cause the processes to consume excessive CPU resources, and will result in loss of availability for the service.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Hewlett-Packard has released a patch to address this vulnerability.

Short Description

HP OpenView Network Node Manager contains a flaw that may allow a remote denial of service. By sending specially crafted packets to the listening TCP port of certain NNM process, a malicious user can cause the processes to consume excessive CPU resources, and will result in loss of availability for the service.

References:

Vendor URL: http://www.managementsoftware.hp.com/ Vendor Specific Advisory URL Secunia Advisory ID:10003 ISS X-Force ID: 13467 Bugtraq ID: 8859