Vigil@nce: OpenView NNM, vulnerability of SNMP and MIB
June 2009 by Vigil@nce
An attacker can use a vulnerability of SNMP and MIB in order to
execute code or to generate a denial of service on HP OpenView
Network Node Manager.
Severity: 2/4
Consequences: user access/rights, denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 10/06/2009
IMPACTED PRODUCTS
– HP OpenView
– HP OpenView NNM
DESCRIPTION OF THE VULNERABILITY
The SNMP protocol is used for the remote administration of a
computer. The MIB stores information and state of the computer.
An attacker can use a vulnerability of SNMP and MIB in order to
execute code or to generate a denial of service on HP OpenView
Network Node Manager.
Technical details are unknown.
CHARACTERISTICS
Identifiers: BID-35267, c01754877, CVE-2009-1420, HPSBMA02430,
SSRT080094, VIGILANCE-VUL-8787
http://vigilance.fr/vulnerability/OpenView-NNM-vulnerability-of-SNMP-and-MIB-8787