Critical vulnerabilities have been found in HP's OpenView product, which could potentially affect thousands of organisations currently using the systems and network management software.
According to an advisory from Core Security Technologies, an engineer at its research arm (CoreLabs) discovered the problem while investigating the feasibility of exploiting a set of previously disclosed vulnerabilities in HP OpenView Network Node Manager (NNM) by researchers at Secunia.
HP OpenView NNM is widely used by network managers to monitor physical networks, virtual network services and the relationships between those assets, across the enterprise. Specifically, NNM helps administrators identify, diagnose and predict potential problems before they affect network performance and availability.
HP believed it had addressed Secunia vulnerabilities in a subsequent security advisory (c01661610), but CoreLabs researchers discovered two additional, unreported buffer overflow vulnerabilities in the product, and immediately alerted HP's Software Security Response Team.
Core's researchers also found during their reviews that one of the previously reported buffer overflow issues in OpenView NNM could still be exploited, even when HP's security patch designed to fix the problem was applied.
Specifically, CoreLabs found that OpenView NNM versions 7.51 and 7.53, and version 7.53 with the HP security patch applied, all contained the three reported vulnerabilities. CoreLabs concluded that the two heap-based buffer overflows reported "were newly discovered vulnerabilities because the issues were not fixed with the latest security patch and were not mentioned in any existing advisories published by HP."