[NV-L] FW: US-CERT Current Activity - HP Releases Security Bulletin for HP OpenView Network Node Manager
2009-02-09 10:18:37
Well, you have to register with HP to actually obtain the patch and they provide no details on either URL about what areas of the code are affected.
But CERT also knows about NetView and if they knew of a vulnerability in it, they would contact us directly, just as they did in 2002 when we fixed a similar issue with trapd. If my management knew of a current vulnerability it would be on my desk in hours if not minutes, and I know nothing about any such thing.
James Shanks
Tivoli Network Availability Management Level Three
Network Availability Management
Tivoli Software, IBM Corp
1-919-224-1642 | T/L 687-1642 | ITN 26871642
"Davis, Donald" <donald.davis AT firstcitizens DOT com>
"Davis, Donald" <donald.davis AT firstcitizens DOT com>
Sent by: nv-l-bounces AT lists.ca.ibm DOT com
02/09/2009 09:51 AM
Please respond to
Tivoli NetView Discussions <nv-l AT lists.ca.ibm DOT com> |
|
|
My Info-Security department is asking me if this is also an issue with
NetView.
There is not enough detail on the HP support DOCs to determine what
daemon/process might be affected.
My initial reaction is to just say No, it is not an issue ..... But you
know about assumptions.
Thanks,
Don Davis
========================
US-CERT Current Activity
HP Releases Security Bulletin for HP OpenView Network Node Manager
Original release date: February 6, 2009 at 10:03 am
Last revised: February 6, 2009 at 10:03 am
HP has released a security bulletin to address a vulnerability in HP
OpenView Network Node Manager. This vulnerability may allow a remote
attacker to execute arbitrary code.
US-CERT recommends that users and administrators review the HP Support
document and apply any necessary updates to help mitigate the risks.
Relevant Url(s):
<http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=
c01661610>
====
This entry is available at
http://www.us-cert.gov/current/index.html#hp_releases_security_bulletin_
for
------------------------------------------------------------------------------
Call 1.888.FC DIRECT (1.888.323.4732) or visit us on the web at firstcitizens.com
today to take advantage of our great products and services.
This electronic mail and any files transmitted with it are confidential and are intended solely for the use
of individual or entity to whom they are addressed. If you are not the intended recipient or the person
responsible for delivering the electronic mail to the intended recipient, be advised that if you have received
this electronic mail in error and that any use, dissemination, forwarding, printing, or copying of this electronic
mail is strictly prohibited. If you have received this electronic mail in error, please immediately notify the
sender by return mail.
--------------------
First Citizens Bank - Helping our customers achieve a lifetime of success.
Visit us on the web at firstcitizens.com - Member FDIC
==============================================================================
02/09/09, 09:51:04
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to internal IBM'ers only)
_______________________________________________
NV-L mailing list
NV-L AT lists.ca.ibm DOT com
Unsubscribe:NV-L-leave AT lists.ca.ibm DOT com
http://lists.ca.ibm.com/mailman/listinfo/nv-l (Browser access limited to
internal IBM'ers only)
|
|
|