CVE-2011-0271: OS Command Injection
First published: Thu Jan 13 2011(Updated: )
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a command string for this parameter's value, related to a "command injection vulnerability."
Credit: hp-security-alert@hp.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HP OpenView Network Node Manager | =7.51 | |
| HP OpenView Network Node Manager | =7.53 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/archive/1/515628
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887
- http://www.securityfocus.com/bid/45762
- http://www.securitytracker.com/id?1024951
- http://www.vupen.com/english/advisories/2011/0085
- https://exchange.xforce.ibmcloud.com/vulnerabilities/64657
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/severity
- agent/author
- agent/weakness
- agent/type
- agent/event
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/hp
- canonical/hp openview network node manager
- version/hp openview network node manager/7.51
- version/hp openview network node manager/7.53