| VID |
23137 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
Daemon |
| Detailed Description |
The HP OpenView NNM is vulnerable to multiple remote arbitrary command execution vulnerabilities. HP OpenView Network Node Manager (NNM) discovers network devices and provides a map to illustrate what the network actually looks like. HP Openview Network Node Manager (OV NNM) 6.2, 6.4, 7.01, 7.50 running on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP, and Linux could allow a remote attacker to execute arbitrary commands, caused by improper filtering of user-supplied input to various parameters used in the 'cdpView.ovpl', 'connectedNotes.ovpl', 'ecscmg.ovpl', and 'freeIPaddrs.ovpl' scripts before using it to run a command. By sending a specially crafted HTTP request containing shell meta characters, a remote attacker could execute arbitrary commands on the system within the context of the affected Web service.
* References:
http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01224
http://www.securityfocus.com/archive/1/409179
http://www.securityfocus.com/archive/1/409196
http://www.securityfocus.com/advisories/9150
http://secunia.com/advisories/16555/
* Platforms Affected:
HP OpenView Network Node Manager 6.2, 6.4, 7.01, 7.50
Any operating system Any version |
| Recommendation |
HP has released advisory HPSBMA01224 (SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access) to address this issue. HP recommends moving "cgi-bin/connectedNodes.ovpl" script into another directory. The same should be done for the cdpView.ovpl, freeIPaddrs.ovpl, ecscmg.ovpl scripts.
For details, please see the HP security advisory HPSBMA01224 at http://www.securityfocus.com/advisories/9150 |
| Related URL |
CVE-2005-2773 (CVE) |
| Related URL |
14662 (SecurityFocus) |
| Related URL |
21999 (ISS) |
|
