Back to list
Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability
Aug 25 2005 03:04PM
Paul J Docherty (PJD portcullis-security com)
Re: Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability
Aug 25 2005 06:50PM
David Litchfield (davidl ngssoftware com)
>It has been confirmed that versions 6.41 and 7.5 are vulnerable on Sun
>Solaris 8 (Sparc), however it is highly likely that all versions of the
>software on all supported operating systems are likely to be vulnerable,
>however this has not been confirmed.
Windows is vulnerable too. I reported these flaws to HP in Februrary.
>It was identified that connectedNodes.ovpl script will take input from a
cdpView.ovpl, freeIPaddrs.ovpl and ecscmg.ovpl are vulnerable, too.
Typhon (http://www.ngssoftware.com/typhon.htm) has been checking for these
flaws since February.
[ reply ]
Copyright 2010, SecurityFocus