Next Page >>
archiving
RESOLUTION
HP has made the following procedure available to resolve the vulnerability.
Note: The resolution is contained in the archive files listed below. Before an archive file is applied a patch may be required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53.
1. Install the appropriate patch listed in the table below. The patches are available from http://itrc.hp.com
2. Download the appropriate archive file listed in the table below. The archive files are available here:
ftp://ss080024:ss080024@hprc.external.hp.com/
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks Liu Zhen Hua of FortiGuard Global Security Research Team for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made archive files and patches available to resolve the vulnerability. The archive files are listed in the table below. In some cases a patch is required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53
Note: The files installed for the Resolution in "rev.1" of this Security bulletin must be removed. Instructions for removing the files are in the Readme.txt file. The files recommended in "rev.1" of this Security Bulletin introduced a problem with the 'ovstop -c' command. Under certain circumstances the 'ovstop -c' command would not stop certain NNM processes. The files recommended in "rev.1" of this Security Bulletin do resolve the security vulnerability.
The patches are available from http://itrc.hp.com
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made archive files and patches available to resolve the vulnerability. The archive files are listed in the table below. In some cases a patch is required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53
The patches are available from http://itrc.hp.com
The archive files are available from: ftp://ss080033:s080033@hprc.external.hp.com/
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerabilities. The archive files are listed in the tables below. The tables also list required patches. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerabilities. The archive files are listed in the tables below. The tables also list required patches. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks Oren Isacson of Core Security Technologies for reporting these vulnerabilities to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerabilities. The archive files are listed in the tables below. The tables also list required patches. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
These will not be patched, trends reason is that
malware will be detected up on extraction. While this is true for end-user
setups this is not the case if you use such products to scan Fileservers,
Database servers or any server where an enduser does not actively extract
content. The detection is still completely bypassed. In other words you
can no longer assume that RAR,ZIP,CAB (or any other archive) is safe/clean after
a Trendmicro scan with these products .
Hence I can no longer recommend these products for such uses and hence my
recommendation to trend to offer patches, if you use the products in such
environment please contact Trend and ask for a patch.
Information on CVSS is documented in HP Customer Notice: HPSN-2008-002.
RESOLUTION
HP has made archive files and patches available to resolve the vulnerability. The archive files are listed in the table below. In some cases a patch is required. The patch will insure that NNM is compatible with the software files in the archive. No patch is required for NNM v7.53
The patches are available from http://itrc.hp.com
The archive files are available from: ftp://ss080043:ss080043@hprc.external.hp.com/
The Hewlett-Packard Company thanks JJ Reyes, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53. HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks an anonymous researcher working with the iDefense VCP for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53. HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks Dyon Balding, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53.
HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks an anonymous researcher working with the iDefense VCP for reporting CVE-2010-TBD to security-alert@hp.com
RESOLUTION
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks Damian Frizza of Core Security Technologies for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
The Hewlett-Packard Company thanks Damian Frizza of Core Security Technologies for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
RESOLUTION
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
HP has made archive files available to resolve the vulnerabilities for NNM v7.01. The archive files are listed in the NNM v7.01 table below. The table also lists required patches. The patches will insure that NNM v7.01 is compatible with the software files in the archive.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
RESOLUTION
HP has made a patch available to resolve the vulnerability for NNM v7.53.
HP has made archive files and patches available to resolve the vulnerability for NNM v7.51 and NNM v7.01. The archive files are listed in the table below. The patches will insure that NNM is compatible with the software files in the archive.
The patches are available from http://itrc.hp.com
The archive files are available from: ftp://ss080043:ss080043@hprc.external.hp.com/
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
HP has made a new version of the ovas program available to resolve the vulnerability for NNM v7.01. The new ovas is available as a file to be installed manually. The files are listed in the table below. The patches listed for v7.01 insure that NNM is compatible with the software files in the archive. Unpack the archive and follow the instructions in the README.txt file.
The archive files are available from: ftp://ss080033:s080033@hprc.external.hp.com/
OV NNM v7.53
===========
The Hewlett-Packard Company thanks Damian Frizza of Core Security Technologies for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made archive files available to resolve the vulnerability for NNM v7.53. The archive files require that certain patches be installed first.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
Subscribe: To initiate a subscription to receive future HP Security Bulletin alerts via Email: http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins
Security Bulletin List: A list of HP Security Bulletins, updated periodically, is contained in HP Security Notice HPSN-2011-001: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c02964430
Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://h20566.www2.hp.com/portal/site/hpsc/public/kb/secBullArchive/
Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.
3C = 3COM
3P = 3rd Party Software
Affected products :
- All Fprot versions currently used, vendor supplies no patch for
current release. The vendor (Frisk) considers this problem to be
too low priority to patch in current release and notify clients.
To put this in perspective, rendering the Fprot scanning on GW
solutions completely useless (for certain archive types)
is low priority for Frisk.
If you are a Frisk customer and concerned about security I would
recommend calling support and ask for a patch. NB, if you are using
FPROT localy and with ON access scans you are not affected.
denial of service, or to cause heap corruption and potentially
further compromise a system. CA has issued fixes to address the
vulnerabilities.
The first vulnerability, CVE-2009-3587, is due to improper
handling of a specially crafted RAR archive file by the CA
Anti-Virus engine arclib component. An attacker can create a
malformed RAR archive file that results in heap corruption and
allows the attacker to cause a denial of service or possibly
further compromise the system.
The Hewlett-Packard Company thanks JJ Reyes, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53. HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
execution. We will show several exploits which execute arbitrary code upon
opening a crafted file with the ex(1), vim(1), or view(1) commands. Only in
few cases will we explore the possibility of remote exploitation. We will
present fixes/workarounds to some of the vulnerabilities.
The archive with code that is a part of this advisory can be found at
``http://www.rdancer.org/vulnerablevim.tar.bz2''.
3. Details
Impact: A remote attacker can evade detection.
Summary: The CA Anti-Virus engine contains multiple
vulnerabilities that can allow a remote attacker to evade
detection by the Anti-Virus engine by creating a malformed archive
file in one of several common file archive formats. CA has
released a new Anti-Virus engine to address the vulnerabilities.
The vulnerabilities, CVE-2009-0042, are due to improper handling
of malformed archive files by the Anti-Virus engine. A remote
attacker can create a malformed archive file that potentially
The Hewlett-Packard Company thanks Dyon Balding, Secunia Research for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53. HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
process or just as a more capable replacement for the rcp command.
A technical report which describes the rsync algorithm is included
in this package.
tar
The GNU tar program saves many files together in one archive and can
restore individual files (or all of the files) from that archive. Tar
can also be used to add supplemental files to an archive and to update
or list files in the archive. Tar includes multivolume support,
automatic archive compression/decompression, the ability to perform
remote archives, and the ability to perform incremental and full
Impact: A remote attacker can evade detection.
Summary: The CA Anti-Virus engine contains multiple
vulnerabilities that can allow a remote attacker to evade
detection by the Anti-Virus engine by creating a malformed archive
file in one of several common file archive formats. CA has
released a new Anti-Virus engine to address the vulnerabilities.
The vulnerabilities, CVE-2009-0042, are due to improper handling
of malformed archive files by the Anti-Virus engine. A remote
attacker can create a malformed archive file that potentially
The Hewlett-Packard Company thanks an anonymous researcher working with the iDefense VCP for reporting this vulnerability to security-alert@hp.com.
RESOLUTION
HP has made patches available to resolve the vulnerability for NNM v7.53. HP has made archive files available to resolve the vulnerability for NNM v7.01.
The patches are available from http://support.openview.hp.com/selfsolve/patches
Note: The patches are not available from the HP IT Resource Center (ITRC).
database updates. The core of the package is an anti-virus engine
available in a form of shared library.
II. Description
~~~~~~~~~~~~~~~
The parsing engine can be bypassed by manipulating RAR archive in
a "certain way" that the Clamav engine cannot extract the content but
the end user is able to. Details are currently witheld (thanks to IBM).
III. Impact
~~~~~~~~~~~
== Abstract ==
Unreal Commander is an award winning freeware file manager for Windows
98/ME/2000/XP/2003/Vista. The application support multiple archive
formats, has a built-in ftp client, and other features.
Unreal Commander fails to check user-supplied input while processing
ZIP and RAR archives. A malformed ZIP or RAR file can be used to
perform a directory traversal attack and place malware files in a
Next Page>>
|
