OSVDB ID: 53238

Title: HP OpenView Network Node Manager (OV NNM) webappmon.exe Arbitrary Code Execution

Info

Disclosure

Feb 06, 2009

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Feb 04, 2009

Description

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Private, Exploit Commercial
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

HP has released a patch to address this vulnerability. Additionally, it is possible to temporarily work around the flaw by implementing the following workaround: By default, the NNM CGI applications do not require a user to be authenticated. By changing the session.conf file and setting UserLogin to ON, it is possible to require valid credentials in order to run. The 'ovhtpasswd' application can then be used to add valid credentials to the password file.

Products

Unknown or Incomplete

References

CVE ID: 2008-4559 (see also: NVD)
Bugtraq ID: 33666
Secunia Advisory ID: 33857
Related OSVDB ID: 53235 53237 53239 53240 53241
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2009-02/0049.html
http://archives.neohapsis.com/archives/bugtraq/2009-02/0053.html
Vendor Specific Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610
Other Advisory URL: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01661610
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=770

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/53238