‘HP OpenView Network Node Manager Execution of Arbitrary Code Vulnerability’

Summary

A vulnerability related to the execution of arbitrary code has been discovered in HP OpenView Network Node Manager.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02446520


Details

Vulnerable Systems:
 * HP OpenView Network Node Manager (OV NNM) v7.51 running on HP-UX
 * HP OpenView Network Node Manager (OV NNM) v7.51 running on Linux
 * HP OpenView Network Node Manager (OV NNM) v7.51 running on Solaris
 * HP OpenView Network Node Manager (OV NNM) v7.51 running on Windows
 * HP OpenView Network Node Manager (OV NNM) v7.53 running on HP-UX
 * HP OpenView Network Node Manager (OV NNM) v7.53 running on Linux
 * HP OpenView Network Node Manager (OV NNM) v7.53 running on Solaris
 * HP OpenView Network Node Manager (OV NNM) v7.53 running on Windows

A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server.

Patch Availability:
HP has made patches available to resolve the vulnerability for NNM v7.53.
The patches are available from
http://support.openview.hp.com/selfsolve/patches

CVE Information:
CVE-2010-2709

Disclosure Timeline:
Release Date: 2010-08-03
Last Updated: 2010-08-02′

Categories: News