SECURITY BULLETIN : HP OpenView Network Node Manager

Users of SECURITY BULLETIN please be advised of a HP OpenView Network Node Manager vulnerability that has been identified.

To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)

Amplify’d from www.criticalwatch.com

HPSBMA02558 SSRT100158 rev.2: HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code

SECURITY BULLETIN

The information in this Security Bulletin should be acted upon as soon as possible. Release Date: 2010-07-20 Last Updated: 2010-07-21 Potential Security Impact: Remote execution of arbitrary code Source: Hewlett-Packard Company, HP Software Security Response Team VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP OpenView Network Node Manager (OV NNM). The vulnerability could be exploited remotely to execute arbitrary code under the context of the user running the web server. References: CVE-2010-2704 SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP OpenView Network Node Manager (OV NNM) v7.51, v7.53 running on HP-UX, Linux, Solaris, and Windows BACKGROUND Read more at www.criticalwatch.com

 

See this Amp at http://bit.ly/aPfzU0