Update Protection against HP OpenView Network Node Manager Denial of Service
| Check Point Reference: | CPAI-2009-302 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA37376 | |
| Industry Reference(s): | CVE-2009-3840 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? HP OpenView Network Node Manager 7.51 HP OpenView Network Node Manager 7.53 | ||
| Vulnerability Description A denial of service vulnerability exists in HP OpenView Network Node Manager. The flaw is due to a design weakness when processing crafted packets sent to the server. Remote attackers could exploit this vulnerability by sending a malicious request to the affected TCP port. Successful exploitation can lead to a denial of service condition of the target system. |
||
|
Update/Patch Available The vendor, HP, has released an advisory addressing this vulnerability: Hp Support |
|
|
Vulnerability Details The vulnerability is caused due to an error in the database service (ovdbrun.exe) when processing TCP packets. This can be exploited to terminate the service via a specially crafted packet containing an invalid error code. |
Protection Overview
By enabling this protection, IPS-1 will detect and block malformed packets sent to HP OpenView's ovdbrun.exe process.
In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.