Sign-up

ID

VAR-200909-0403


CVE

CVE-2009-3099


TITLE

Windows Server 2003 SP2 upper HP OpenView Operations Manager Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2009-004922

DESCRIPTION

Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2007-3872. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. This vulnerability CVE-2007-3872 Is a different vulnerability.A third party may be affected unspecified. HP OpenView is prone to a remote security vulnerability. ---------------------------------------------------------------------- Do you have VARM strategy implemented? (Vulnerability Assessment Remediation Management) If not, then implement it through the most reliable vulnerability intelligence source on the market. Implement it through Secunia. For more information visit: http://secunia.com/advisories/business_solutions/ Alternatively request a call from a Secunia representative today to discuss how we can help you with our capabilities contact us at: sales@secunia.com ---------------------------------------------------------------------- TITLE: HP Operations Manager Unspecified Vulnerability SECUNIA ADVISORY ID: SA36541 VERIFY ADVISORY: http://secunia.com/advisories/36541/ DESCRIPTION: A vulnerability has been reported in HP Operations, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error and may allow execution of arbitrary code. No more information is currently available. The vulnerability is reported in version 8.1. Other versions may also be affected. SOLUTION: Due to the very limited available information, it is not possible to suggest an effective workaround. PROVIDED AND/OR DISCOVERED BY: Reportedly a module for VulnDisco Pack. ORIGINAL ADVISORY: http://intevydis.com/vd-list.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.98

sources: NVD: CVE-2009-3099 // JVNDB: JVNDB-2009-004922 // BID: 79351 // PACKETSTORM: 80971

AFFECTED PRODUCTS

vendor:hpmodel:operations managerscope:eqversion:8.1

Trust: 1.0

vendor:hewlett packardmodel:hp operations managerscope:eqversion:8.1

Trust: 0.8

vendor:microsoftmodel:windows server 2003scope:eqversion:sp2

Trust: 0.6

vendor:hpmodel:openview operations for windowsscope:eqversion:8.10

Trust: 0.3

sources: BID: 79351 // JVNDB: JVNDB-2009-004922 // CNNVD: CNNVD-200909-112 // NVD: CVE-2009-3099

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2009-3099
value: HIGH

Trust: 1.8

CNNVD: CNNVD-200909-112
value: CRITICAL

Trust: 0.6

NVD: CVE-2009-3099
severity: HIGH
baseScore: 10.0
vectorString: AV:N/AC:L/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

sources: JVNDB: JVNDB-2009-004922 // CNNVD: CNNVD-200909-112 // NVD: CVE-2009-3099

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2009-3099

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200909-112

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-200909-112

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2009-3099

PATCH
title:OpenView Operations Managerurl:http://www8.hp.com/us/en/software-solutions/software.html?compuri=1170678#.t-6gvxc0o80
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2009-004922

EXTERNAL IDS
db:NVDid:CVE-2009-3099
Trust: 2.7
db:SECUNIAid:36541
Trust: 1.7
db:JVNDBid:JVNDB-2009-004922
Trust: 0.8
db:CNNVDid:CNNVD-200909-112
Trust: 0.6
db:BIDid:79351
Trust: 0.3
db:PACKETSTORMid:80971
Trust: 0.1
sources:
            
            
            BID: 79351 // 
            
            
            
            JVNDB: JVNDB-2009-004922 // 
            
            
            
            PACKETSTORM: 80971 // 
            
            
            
            CNNVD: CNNVD-200909-112 // 
            
            
            
            NVD: CVE-2009-3099

REFERENCES
url:http://intevydis.com/vd-list.shtml
Trust: 2.0
url:http://secunia.com/advisories/36541
Trust: 1.6
url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3099
Trust: 0.8
url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3099
Trust: 0.8
url:http://secunia.com/advisories/secunia_security_advisories/
Trust: 0.1
url:http://secunia.com/advisories/36541/
Trust: 0.1
url:http://secunia.com/advisories/business_solutions/
Trust: 0.1
url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Trust: 0.1
url:http://secunia.com/advisories/about_secunia_advisories/
Trust: 0.1
sources:
            
            
            BID: 79351 // 
            
            
            
            JVNDB: JVNDB-2009-004922 // 
            
            
            
            PACKETSTORM: 80971 // 
            
            
            
            CNNVD: CNNVD-200909-112 // 
            
            
            
            NVD: CVE-2009-3099

CREDITS
Unknown
Trust: 0.3
sources:
            
            
            BID: 79351

SOURCES
db:BIDid:79351
db:JVNDBid:JVNDB-2009-004922
db:PACKETSTORMid:80971
db:CNNVDid:CNNVD-200909-112
db:NVDid:CVE-2009-3099

LAST UPDATE DATE
2022-05-06T23:20:58.237000+00:00

SOURCES UPDATE DATE
db:BIDid:79351date:2009-09-08T00:00:00
db:JVNDBid:JVNDB-2009-004922date:2012-09-25T00:00:00
db:CNNVDid:CNNVD-200909-112date:2009-09-09T00:00:00
db:NVDid:CVE-2009-3099date:2019-02-26T14:04:00

SOURCES RELEASE DATE
db:BIDid:79351date:2009-09-08T00:00:00
db:JVNDBid:JVNDB-2009-004922date:2012-09-25T00:00:00
db:PACKETSTORMid:80971date:2009-09-03T05:19:06
db:CNNVDid:CNNVD-200909-112date:2009-09-08T00:00:00
db:NVDid:CVE-2009-3099date:2009-09-08T18:30:00