Vulnerability CVE-2009-1420 - CERT Civis.Net

Vulnerability Name:

CVE-2009-1420 (CCN-51033)

Assigned:

2009-06-09

Published:

2009-06-09

Updated:

2009-07-11

Summary:

Stack-based buffer overflow in rping in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when used with SNMP (aka HPOvNNM.HPOVSNMP) before 1.30.009 and MIB (aka HPOvNNM.HPOVMIB) before 1.30.009, allows remote attackers to execute arbitrary code or cause a denial of service via unknown vectors.

CVSS v3 Severity:

7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2009-1420

Source: MITRE
Type: CNA
CVE-2009-2298

Source: CCN
Type: HP Security Bulletin HPSBMA02430 SSRT080094 rev.1
HP OpenView Network Node Manager (OV NNM) Running SNMP and MIB, Remote Execution of Arbitrary Code, Denial of Service (DoS)

Source: IDEFENSE
Type: UNKNOWN
20090626 HP Network Node Manager rping Stack Buffer Overflow Vulnerability

Source: HP
Type: Patch
HPSBMA02430

Source: CCN
Type: SA35408
HP OpenView Network Node Manager SNMP and MIB Code Execution Vulnerability

Source: SECUNIA
Type: Vendor Advisory
35408

Source: CCN
Type: SECTRACK ID: 1022360
HP OpenView Network Node Manager SNMP/MIB Bug Lets Remote Users Execute Arbitrary Code

Source: SECTRACK
Type: Patch
1022360

Source: CCN
Type: OSVDB ID: 55247
HP OpenView Network Node Manager (OV NNM) SNMP / MIB rping Utility Remote Overflow

Source: CCN
Type: OSVDB ID: 55541
HP OpenView Network Node Manager (OV NNM) on Linux rping Unspecified Overflow

Source: BID
Type: Patch
35267

Source: CCN
Type: BID-35267
HP OpenView Network Node Manager 'rping' Stack Buffer Overflow Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2009-1549

Source: XF
Type: UNKNOWN
openviewnnm-snmp-mib-bo(51033)

Source: CCN
Type: iDefense PUBLIC ADVISORY: 06.26.09
HP Network Node Manager rping Stack Buffer Overflow Vulnerability

Vulnerable Configuration:

Configuration 1:

cpe:/a:hp:openview_network_node_manager:7.51:-:hp-ux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:linux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:solaris:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.51:-:windows:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:hp-ux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:linux:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:solaris:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:-:windows:*:*:*:*:*

AND

cpe:/a:hp:hpovnnm.hpovmib:1.30.000:*:*:*:*:*:*:*

OR cpe:/a:hp:hpovnnm.hpovsnmp:1.30.000:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:hp:openview_network_node_manager:7.51:*:*:*:*:*:*:*

OR cpe:/a:hp:openview_network_node_manager:7.53:*:*:*:*:*:*:*

Denotes that component is vulnerable