HP OpenView Network Node Manager Multiple Remote Command Execution Vulnerabilities

An exploit is not required.

The following proof of concept is available:
http://www.example.com:3443/OvCgi/connectedNodes.ovpl?node=a| [your command] |

Proof of concept example 'hp_ovnnm_poc.c' has been provided by Lympex.

The openview_connectednodes_exec.pm exploit is available for the Metasploit framework.


 

Privacy Statement
Copyright 2010, SecurityFocus