VID |
23209 |
Severity |
30 |
Port |
80, ... |
Protocol |
TCP |
Class |
Daemon |
Detailed Description |
HP OpenView NNM is vulnerable to directory traversal in the 'OpenView5.exe' CGI script. HP OpenView Network Node Manager (NNM) discovers network devices and provides a map to illustrate what the network actually looks like. HP OpenView Network Node Manager (OV NNM) versions 7.51 and 7.53 could allow a remote attacker to traverse directories on the system because the 'Action' parameter of the 'OpenView5.exe' CGI script does not properly validate user-supplied input. By sending a specially crafted URL request to the OpenView5.exe CGI application containing "dot dot" sequences (/../) in the Action parameter, a remote attacker could traverse directories and read arbitrary files on the affected system.
* References:
  http://aluigi.altervista.org/adv/closedviewx-adv.txt
  http://www.securityfocus.com/archive/1/490771/30/0/threaded
  http://secunia.com/secunia_research/2008-4/advisory/
  http://www.securityfocus.com/archive/1/490834/30/0/threaded
  http://www.frsirt.com/english/advisories/2008/1214
  http://securitytracker.com/alerts/2008/Apr/1019838.html
  http://secunia.com/advisories/29796
* Platforms Affected: HP OpenView Network Node Manager 7.51, 7.53; Microsoft Windows (any version) |
Recommendation |
No upgrade or patch available as of May 2008.
As a workaround, restrict network access to the services. |
Related URL |
CVE-2008-0068 (CVE) |
Related URL |
28745 (SecurityFocus) |
Related URL |
41790 (ISS) |
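Since the record lists no patch, web server logs in front of NNM are worth reviewing for the request pattern described above. The following detection sketch is an added example, not part of the original advisory or of any HP tooling. It assumes a combined-format access log; the `/cgi/` path prefix, the `Action` values and every sample log line are constructed placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

CGI_NAME = "openview5.exe"   # script named in the advisory (Windows: case-insensitive)
PARAM = "action"             # parameter named in the advisory
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so double-encoded input (%252e) is unmasked."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal_attempt(target):
    """True if target calls OpenView5.exe with a dot-dot segment in Action."""
    parts = urlsplit(target)
    script = fully_decode(parts.path).replace("\\", "/").rsplit("/", 1)[-1]
    if script.lower() != CGI_NAME:
        return False
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        # Split on both separators: Windows accepts "\" as well as "/".
        if name.lower() == PARAM and ".." in re.split(r"[\\/]+", fully_decode(value)):
            return True
    return False

def scan(lines):
    """Return the log lines whose request matches the advisory's pattern."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_traversal_attempt(m.group(1)):
            hits.append(line)
    return hits

# Constructed sample log lines (addresses, paths and values are placeholders).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/May/2008:10:00:00 +0000] "GET /cgi/OpenView5.exe?Action=status HTTP/1.1" 200 512',
    '192.0.2.77 - - [01/May/2008:10:00:05 +0000] "GET /cgi/OpenView5.exe?Action=../../../example.txt HTTP/1.1" 200 90',
    '192.0.2.77 - - [01/May/2008:10:00:09 +0000] "GET /cgi/openview5.EXE?action=%252e%252e%255cexample.txt HTTP/1.0" 200 90',
    '192.0.2.12 - - [01/May/2008:10:01:00 +0000] "GET /docs/a..b/index.html?Action=v1..2 HTTP/1.1" 200 77',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("ALERT", hit)
```

Matching on a whole `..` path segment rather than the substring keeps values such as `v1..2` from raising alerts, and the repeated decoding catches double-encoded separators that a single pass would miss.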