HP OpenView NNM 0day, lightthpd DoS

An exploit has been published for HP OpenView Network Node Manager (NNM). This exploit is preauthentication and can be exploited remotely. From what I’ve read it looks to be exploited over the HTTP port of OpenView and is exploiting the OVAS.exe service. No references to updates or fixes were found. Users should restrict network access to machines running this software.

There’s a vulnerability in lightttpd that can be exploited to cause a denial of service. The issue exists in the SSL error queue where a single connection could be exploited to deny all other SSL connections. This has been fixed in the SVN repository, available at:

http://trac.lighttpd.net/trac/changeset/2136
http://trac.lighttpd.net/trac/changeset/2139

Checkpoint VPN XSS, Multiple Java Vulns

Checkpoint VPN-1 UTM Edge is vulnerable to cross site scripting. This particular XSS vulnerability allows for reflective cross site scripting pre authentication. This could allow attackers to embed the login form in an html form for deceptive and malicious purposes. The latest firmware version, 7.5.48, reportedly does not contain this vulnerability.

There are multiple vulnerabilities in Java. This includes Java Web Start, the JRE and SDK. These vulnerabilities could lead to a Denial of Service or system compromise. All of the more recent versions of Java are vulnerable, so if you haven’t updated your Java install in a few weeks, now would be the time to do so.

Lighttpd, a popular light open source web server, is vulnerable to CGI source exposure and potential denial of service. Version 1.4.18-r2 is affected and a newer version is available.