Summary
HP OpenView Network Node Manager (OV NNM) is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM- level privileges. Successful exploits will completely compromise affected computers.
The issue affects HP OpenView Network Node Manager versions 7.51 and 7.53 running on the Windows platform.
Solution
Updates are available. Please see the references for details.
References
- http://itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02286088
- http://www.exploit-db.com/moaub-6-hp-openview-nnm-webappmon-exe-execvp_nc-remote-code-execution/
- http://www.securityfocus.com/archive/1/512543
- http://www.zerodayinitiative.com/advisories/ZDI-10-137/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+ZDI-Published-Advisories+%28Zero+Day+Initiative+Published+Advisories%29
- https://www.securityfocus.com/bid/41829
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2010-2703 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities