Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » HP network product security hole

HP network product security hole

by Nikola Strahija on August 31st, 2005 Enterprises using a Hewlett-Packard product for network management may be vulnerable to a serious flaw allowing remote attacks, the company has warned.


The problem lies in Network Node Manager, an HP OpenView product that carries out auto-discovery, control and monitoring of network devices via SNMP (Simple Network Management Protocol). A patch isn't yet available, but HP has issued an advisory describing a workaround to temporarily solve the problem.

A script called connectedNodes.ovpl fails to properly check inputs in a particular "node" parameter before running them as command-line arguments, according to HP. That means a remote attacker could execute malicious shell commands on a system running Network Node Manager, via a specially crafted input including shell meta characters, HP said.

-This vulnerability could be exploited remotely by an unauthorised user to gain privileged access, HP said in the advisory.

FrSIRT discovered three other scripts that have the same problem: cdpView.ovpl, freeIPaddrs.ovpl and ecscmg.ovpl. The bug affects Network Node Manager versions 6.2, 6.4, 7.01 and 7.50 on HP-UX, Solaris, Windows NT, Windows 2000, Windows XP and Linux. FrSIRT said the flaw was high risk.

No patch is yet available, but users can ward off danger by moving the affected scripts to different directories, HP said. This shouldn't result in too much disruption - for example, HP says that moving the connectedNodes.ovpl script will remove the ability to display connected nodes in tabular form.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »