• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OVActionD SNMPNotify Command Execution Vulnerability

Solution:
Version 6.2 is not vulnerable.

HP has stated that versions prior to 6.1 are not vulnerable by default. It is possible that they may be vulnerable with a custom configuration. Administrators using versions older than 6.1 are advised to upgrade to 6.2.

Patches available for version 6.1:


IBM Tivoli NetView 5.0

• IBM Tivoli ovactiond update
  http://www.tivoli.com/support/

IBM Tivoli NetView 5.1

• IBM Tivoli ovactiond update
  http://www.tivoli.com/support/

IBM Tivoli NetView 6.0

• IBM Tivoli ovactiond update
  http://www.tivoli.com/support/

HP OpenView Network Node Manager 6.10

• HP HP-UX 10.20 PHSS_24442
  http://ovweb.external.hp.com/cpe/patches/


• HP HP-UX 11.00 PHSS_24443
  http://ovweb.external.hp.com/cpe/patches/


• HP Solaris 2.x PSOV_02956
  http://ovweb.external.hp.com/cpe/patches/


• HP WinNT4.X/2000 NNM_00743
  http://ovweb.external.hp.com/cpe/patches/