• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

HP OpenView Network Node Manager Insecure Permissions Vulnerability

HP OpenView Network Node Manager is prone to a local insecure-permissions vulnerability because of a flaw in the application's installation process that will cause insecure permissions of the HP OpenView installation.

Exploiting this issue allows local attackers to access and overwrite arbitrary files in the HP OpenView application directory. This includes overwriting a service executable that is run with SYSTEM-level privileges. This issue facilitates the complete compromise of affected computers.