‘HP OpenView Network Node Manager (OV NNM) Execution of Arbitrary Code Vulnerability’

Summary

A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM).’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02290344


Details

Vulnerable Systems:
 * HP OpenView Network Node Manager (OV NNM) v7.51
 * HP OpenView Network Node Manager (OV NNM) v7.53

The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server

Patch Availability:
HP has made patches available to resolve the vulnerabilities for NNM v7.53.
The patches for NNM v7.53 are available from
http://support.openview.hp.com/selfsolve/patches
For OV NNM v7.51, Upgrade to NNM v7.53 and apply the NNM v7.53 resolution.

CVE Information:
CVE-2010-2704

Disclosure Timeline:
Release Date 2010-07-20
Last Updated 2010-09-28′

Categories: News