Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2773

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-2773
Last Modified 07 Mar 2011 09:25:00
Published 02 Sep 2005 07:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2773

Summary

HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.

Vulnerable Systems

Application

  • Hp Openview Network Node Manager 6.10

  • Hp Openview Network Node Manager 6.2

  • Hp Openview Network Node Manager 6.31

  • Hp Openview Network Node Manager 6.4

  • Hp Openview Network Node Manager 6.41

  • Hp Openview Network Node Manager 7.0.1

  • Hp Openview Network Node Manager 7.50


References

XF - hp-openview-node-manager-command-execution(21999)

BID - 14662

HP - HPSBMA01224

HP - SSRT051023

SECUNIA - 16555

BUGTRAQ - 20050825 Portcullis Security Advisory 05-014 HP Openview Remote Command


Last Updated: 27 May 2016 10:40:38