‘HP OpenView Network Node Manager Execution of Arbitrary Code Vulnerability’

Summary

A vulnerability was identified on HP OpenView Network Node Manager which could lead to the execution of arbitrary code.’

Credit:

‘The original article can be found at: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02286088


Details

Vulnerable Systems:
 * HP OpenView Network Node Manager (OV NNM) v7.51 running on Windows
 * HP OpenView Network Node Manager (OV NNM) v7.53 running on Windows

A potential vulnerability has been identified with HP OpenView Network Node Manager (OV NNM) running on Windows. The vulnerability could be exploited remotely to execute arbitrary code.

Patch Availability:
HP has made a hotfix available to resolve the vulnerability. Download SSRT100025.zip from ftp.usa.hp.com. Optionally verify the SHA-1 sum.
For v7.51, upgrade to NNM v7.53 and apply the NNM v7.53 hotfix listed above.

CVE Information:
CVE-2010-2703

Disclosure Timeline:
2010-07-20: Release Date
2010-07-20: Last Updated’

Categories: Windows