3 Replies Latest reply on Jun 23, 2009 7:04 AM by rsprim

    Orion NPM v9.5 Vulnerability

    rsprim

      We are running security scans of the Orion NPM v9.5 software utilizing Retina and have found the following vulnerability with the software. 

      http://secunia.com/advisories/32609/

      Solution:
      The vulnerability is fixed in version 8.0.20081.142 of the ActiveX control.

      We were hoping that SP1 resolved this vulnerability but it didn't.   The solution is to upgrade to version 8.0.20081.142 of the ActiveX control.  We can not release the upgrade to our sites until this is resolved.  SolarWinds - Can you provide an update to this Active X component or provide a workaround to upgrade the component so we can clear the security scans?  Thanks!

      Robert

        • Re: Orion NPM v9.5 Vulnerability
          Karlo.Zatylny

          Hi,

          We have done some analysis about this vulnerability and since this control is no longer required by Orion NPM 9.5, you can unregister this component with "regsvr32 /u c1sizerppg.dll" and then remove clsizerppg.dll from Program Files/Common Files/Solarwinds.

          Please let us know if this works for you.

          Thanks