• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: HP OpenView Network Node Manager Denial Of Service Vulnerabilities

Severity: MODERATE

Description:

HP Network Node Manager is a commercial systems management software package distributed by Hewlett-Packard.

HP has announced that a number of vulnerabilities exist in the OpenView Network Node Manager (NNM). It has been reported that specially formatted packets transmitted to a listening TCP port of specific NNM processes may trigger a memory leak. This would effectively result in the targeted process crashing or possibly affecting availability of resources on a system-wide basis.

HP has also reported that NNM is prone to a second separate denial of service condition, also when handling malformed TCP packets.

The precise details regarding these issues are currently unknown, however if new information is made available, this BID will be updated accordingly.

Affected Products:

• HP OpenView Network Node Manager 5.0.02
• HP OpenView Network Node Manager 6.0.01
• HP OpenView Network Node Manager 6.1.0
• HP OpenView Network Node Manager 6.1.0 HP-UX 10.X
• HP OpenView Network Node Manager 6.1.0 HP-UX 11.X
• HP OpenView Network Node Manager 6.1.0 Solaris
• HP OpenView Network Node Manager 6.10.0
• HP OpenView Network Node Manager 6.2.0
• HP OpenView Network Node Manager 6.2.0 HP-UX 10.X
• HP OpenView Network Node Manager 6.2.0 HP-UX 11.X
• HP OpenView Network Node Manager 6.2.0 NT 4.X/Windows 2000
• HP OpenView Network Node Manager 6.2.0 Solaris
• HP OpenView Network Node Manager 6.31.0
• HP OpenView Network Node Manager 6.4.0
• HP OpenView Network Node Manager 6.4.0 HP-UX 11.X
• HP OpenView Network Node Manager 6.4.0 NT 4.X/Windows 2000
• HP OpenView Network Node Manager 6.4.0 Solaris
• HP OpenView Network Node Manager 6.41

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.