Secunia Security Advisory - James Fisher has reported a vulnerability in HP Openview Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.
10ead09cc3f93406473e815b3a1812f9ff70511193760443dee38fa92af7b788
----------------------------------------------------------------------
Bist Du interessiert an einem neuen Job in IT-Sicherheit?
Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT-
Sicherheit:
http://secunia.com/secunia_vacancies/
----------------------------------------------------------------------
TITLE:
HP Openview Network Node Manager Arbitrary Command Execution
SECUNIA ADVISORY ID:
SA16555
VERIFY ADVISORY:
http://secunia.com/advisories/16555/
CRITICAL:
Moderately critical
IMPACT:
System access
WHERE:
>From local network
SOFTWARE:
HP OpenView Network Node Manager (NNM) 7.x
http://secunia.com/product/3608/
HP OpenView Network Node Manager (NNM) 6.x
http://secunia.com/product/2384/
DESCRIPTION:
James Fisher has reported a vulnerability in HP Openview Network Node
Manager, which can be exploited by malicious people to compromise a
vulnerable system.
Input passed to the "node" parameter in cgi-bin/connectedNodes.ovpl
is not properly sanitised before being used as command line
arguments. This can be exploited to execute arbitrary shell commands
via a specially crafted string containing shell meta characters.
The cdpView.ovpl, freeIPaddrs.ovpl, and ecscmg.ovpl scripts are
reportedly also vulnerable.
The vulnerability affects versions 6.2, 6.4, 7.01, and 7.50 running
on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP, and Linux.
SOLUTION:
The vendor recommends moving "cgi-bin/connectedNodes.ovpl" into
another directory.
The same should be done for the cdpView.ovpl, freeIPaddrs.ovpl,
ecscmg.ovpl scripts.
PROVIDED AND/OR DISCOVERED BY:
James Fisher, Portcullis Computer Security.
Additional information about three other scripts:
* David Litchfield
ORIGINAL ADVISORY:
HP SSRT051023:
http://itrc.hp.com/service/cki/docDisplay.do?docId=HPSBMA01224
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------