HP OpenView Network Node Manager Code Execution Vulnerability Network Vulnerability

Summary

This host is running HP OpenView Network Node Manager and is prone to code execution vulnerabilities.

Impact

Successful exploitation will allow attacker to execute arbitrary code in the context of an application. Impact Level: System/Application

Solution

Apply the patch from below link, http://support.openview.hp.com/selfsolve/patches ***** NOTE : Ignore this warning, if above mentioned patch is already applied. *****

Insight

The flaw is due to an unspecified error when processing specially crafted data, which could allow remote attackers to crash an affected process or execute arbitrary code via a malicious request.

Affected

HP OpenView Network Node Manager versions 7.01, 7.51 and 7.53

References

http://marc.info/?l=bugtraq&m=124146030732511&w=2
http://osvdb.org/54222
http://securitytracker.com/alerts/2009/May/1022163.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0720

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Atlassian JIRA FishEye and Crucible Plugins XML Parsing Unspecified Security Vulnerability
Arkeia Appliance Multiple Vulnerabilities
Ajax File and Image Manager 'data.php' PHP Code Injection Vulnerability
Apache Tomcat Windows Installer Privilege Escalation Vulnerability
Agora CGI Cross Site Scripting

Take action and discover your vulnerabilities