Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

HP OpenView Network Node Manager (OV NNM) 7.x - 'OpenView5.exe?Action' Traversal Arbitrary File Access

Related Vulnerabilities: CVE-2008-0068  
Publish Date: 11 Apr 2008
Author: Luigi Auriemma
Source / Download Exploit 
                source: http://www.securityfocus.com/bid/28745/info

HP OpenView Network Node Manager is prone to multiple vulnerabilities affecting the 'ovalarmsrv.exe' and 'ovtopmd.exe' processes. These issues include a directory-traversal issue and multiple denial-of-service issues.

UPDATE (April 14, 2008): Secunia Research discovered, independently, that the 'OpenView5.exe' process is also prone to the directory-traversal issue; this affects Network Node Manager 7.51. Note that 'ovalarmsrv.exe' may also be named 'OpenView5.exe'.

Attackers can exploit these issues to access potentially sensitive data on the affected computer or to deny service to legitimate users.

HP OpenView Network Node Manager 7.53 is vulnerable; other versions may also be affected.

http://www.example.com/OvCgi/OpenView5.exe?Target=Main&Action=../../../../../../windows/win.ini

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started