Skip to main content

HP OpenView Network Node Manager Arbitrary Command Execution Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 11 Feb 2010 5344 Views

RISK: Medium Risk

A vulnerability has been identified in HP Network Node Manager, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an unspecified error, which can be exploited to execute arbitrary commands.


Impact

  • Remote Code Execution

System / Technologies affected

  • HP OpenView Network Node Manager (OV NNM) 8.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Apply patches.
    - http://support.openview.hp.com/selfsolve/patches
  • HP-UX (IA):
    - Apply patch PHSS_40368 or subsequent
  • Linux RedHat4AS:
    - Apply patch NNM810L_00006 or subsequent
  • Solaris:
    - Apply patch NNM810S_00006 or subsequent
  • Windows:
    - Apply patch NNM810W_00006 or subsequent


Vulnerability Identifier


Source


Related Link