Published: 02/09/2005 Updated: 11/07/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

HP OpenView Network Node Manager 6.2 up to and including 7.50 allows remote malicious users to execute arbitrary commands via shell metacharacters in the (1) node parameter to connectedNodes.ovpl, (2) cdpView.ovpl, (3) freeIPaddrs.ovpl, and (4) ecscmg.ovpl.

Vulnerable Product	Search on Vulmon	Subscribe to Product
hp openview network node manager 6.31
hp openview network node manager 7.50
hp openview network node manager 6.4
hp openview network node manager 6.10
hp openview network node manager 6.2
hp openview network node manager 6.41
hp openview network node manager 7.0.1

## # $Id: openview_connectednodes_execrb 9671 2010-07-03 06:21:31Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/ ...

/* Web Browser info: /OvCgi/connectedNodesovpl?node=a|command| /str0ke */ /* ################################################################################## # HP OpenView Network Node Manager 62, 64, 701, 750 Remote Command Execution # ################################################################################## Name: HP OV NNM Rem ...

NVD-CWE-Other http://www.securityfocus.com/bid/14662 http://secunia.com/advisories/16555/http://www.securityfocus.com/advisories/9150 http://marc.info/?l=bugtraq&m=112499121725662&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/21999 https://nvd.nist.gov https://www.exploit-db.com/exploits/16887/

CVE-2005-2773

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect