Release date: 2012-4 4
Updated on: 2012-12-07
Affected Systems:
HP Network Node Manager I v9.20
HP Network Node Manager I 9.1x
Description:
--------------------------------------------------------------------------------
Bugtraq id: 56822
CVE (CAN) ID: CVE-2012-3275
HP Network Node Manager I-series (NNMi) software provides powerful out-of-the-box functions to help your Network operation team efficiently manage networks of any size.
HP Network Node Manager I (NNMi) v9.1x, v9.20 (HP-UX, Linux, Solaris, Windows) has an unauthenticated access vulnerability that remote attackers can exploit to illegally access the affected system.
<* Source: HP
Link: http://seclists.org/bugtraq/2012/Dec/45
What is https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay? DocId = emr_na-c03507416
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
HP
--
HP has released a Security Bulletin (HPSBMU02816) and corresponding patches for this:
HPSBMU02816: SSRT100949 rev.1-HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access
Https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay? DocId = emr_na-c03507416
Patch download:
NNMi version platform/patch hotfix
9.1x
Linux
NNM910L_00004
Solaris
NNM910S_00004
Windows
NNM910W_00004
HP-UX
PHSS_42788
Hotfix-NNMI-9.1xP4-UI-20120927.zip
9.20
Linux
NNM920L_00001
Solaris
NNM920S_00001
Windows
NNM920W_00001
HP-UX
PHSS_42793