OpenView Open To Hacking

Get the WebProNews Newsletter:

[ Business]

French tech security firm FrSIRT has reported on a high-risk flaw in HP’s network management tool.

OpenView’s Network Node Manager could be open to remote code exploits due to an input validation error flaw in a script. HP has addressed the problem via a workaround posted on its site.

Other scripts that are part of the OpenView product exhibit the same vulnerability. FrSIRT lists four products affected by the issue; they include versions running on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP, and Linux:

HP OpenView Network Node Manager version 6.2
HP OpenView Network Node Manager version 6.4
HP OpenView Network Node Manager version 7.01
HP OpenView Network Node Manager version 7.50

An exploit that hits the vulnerable script, connectedNodes.ovpl, would be able to execute commands at the same permission level. Three other scripts, freeIPaddrs.ovpl, cdpView.ovpl, and ecscmg.ovpl, have the same vulnerability.

David Utter is a staff writer for WebProNews covering technology and business. Email him here.

OpenView Open To Hacking
Comments Off
Top Rated White Papers and Resources

Comments are closed.

  • Join for Access to Our Exclusive Web Tools
  • Sidebar Top
  • Sidebar Middle
  • Sign Up For The Free Newsletter
  • Sidebar Bottom