Detections
Analytics
HP OpenView Network Node Manager Multiple Scripts Remote Command Execution
high Nessus Plugin ID 19555
Language:
Synopsis
The remote web server contains a CGI script that allows execution of arbitrary commands.Description
The remote version of HP OpenView Network Node Manager fails to sanitize user-supplied input to various parameters used in the 'cdpView.ovpl', 'connectedNotes.ovpl', 'ecscmg.ovpl', and 'freeIPaddrs.ovpl' scripts before using it to run a command. By leveraging these flaws, an unauthenticated attacker may be able to execute arbitrary commands on the remote host within the context of the affected web server userid.Solution
Apply the appropriate patch referenced in the vendor's advisory above.See Also
https://www.securityfocus.com/archive/1/409179
https://www.securityfocus.com/archive/1/409196
http://www.securityfocus.com/advisories/9150
http://www4.itrc.hp.com/service/cki/docDisplay.do?docId=c00604164
Plugin Details
Severity: High
ID: 19555
File Name: openview_nnm_cmd_exec.nasl
Version: 1.23
Type: remote
Family: CGI abuses
Published: 9/1/2005
Updated: 4/25/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 6.2
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2005-2773
Vulnerability Information
CPE: cpe:/a:hp:openview_network_node_manager
Exploit Available: true
Exploit Ease: No exploit is required
Vulnerability Publication Date: 8/25/2005
CISA Known Exploited Vulnerability Due Dates: 4/15/2022
Exploitable With
Metasploit (HP Openview connectedNodes.ovpl Remote Command Execution)
Reference Information
CVE: CVE-2005-2773