严重程度:中
威胁程度:远程拒绝服务
错误类型:意外情况处置错误
利用方式:服务器模式
BUGTRAQ ID:8859
受影响系统
HP OpenView Network Node Manager 6.2 Solaris
- Sun Solaris 2.5.1
- Sun Solaris 2.6
- Sun Solaris 7.0
- Sun Solaris 8.0
HP OpenView Network Node Manager 6.2 NT 4.X/Windows 2000
HP OpenView Network Node Manager 6.2 HP-UX 11.X
- HP HP-UX 11.0
- HP HP-UX 11.11
HP OpenView Network Node Manager 6.2 HP-UX 10.X
- HP HP-UX 10.20
HP OpenView Network Node Manager 6.2
HP OpenView Network Node Manager 6.4 Solaris
HP OpenView Network Node Manager 6.4 NT 4.X/Windows 2000
HP OpenView Network Node Manager 6.4 HP-UX 11.X
HP OpenView Network Node Manager 6.4
详细描述
OpenView Network Node Manager (NNM)存在多个安全问题,可导致拒绝服务攻击。
当处理畸形TCP包时可导致内存泄露,触发拒绝服务。
当处理畸形TCP包时也可以导致进程消耗大量CPU资源而产生拒绝服务。
解决方案
补丁下载:
HP OpenView Network Node Manager 6.2 Solaris:
HP Patch PSOV_03289
http://itrc.hp.com
HP OpenView Network Node Manager 6.2 NT 4.X/Windows 2000:
HP Patch NNM_01007
http://itrc.hp.com
HP OpenView Network Node Manager 6.2 HP-UX 11.X:
HP Patch PHSS_29754
http://itrc.hp.com
HP OpenView Network Node Manager 6.2 HP-UX 10.X:
HP Patch PHSS_29753
http://itrc.hp.com
HP OpenView Network Node Manager 6.4 Solaris:
HP Patch PSOV_03288
http://itrc.hp.com
HP OpenView Network Node Manager 6.4 NT 4.X/Windows 2000:
HP Patch NNM_01006
http://itrc.hp.com
HP OpenView Network Node Manager 6.4 HP-UX 11.X:
HP Patch PHSS_29647
http://itrc.hp.com
相关信息
参考
http://www.securityfocus.com/advisories/5988
