PT-2001-1754 · Hewlett Packard+1 · Hp Openview Network Node Manager+1

Published

2001-08-29

Updated

2016-10-18

CVE-2001-0552

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: HP OpenView Network Node Manager (NNM) version 6.1 Tivoli Netview versions 5.x through 6.x

Description: The issue allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. This is related to the ovactiond component.

Recommendations: For HP OpenView Network Node Manager (NNM) version 6.1, update the software to remove the vulnerability. For Tivoli Netview versions 5.x through 6.x, update the software to remove the vulnerability. As a temporary workaround, consider restricting access to the ovactiond component to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0552

Affected Products

Hp Openview Network Node Manager

Tivoli Netview

PT-2001-1754 · Hewlett Packard+1 · Hp Openview Network Node Manager+1

CVE-2001-0552

Related Identifiers

Affected Products

References · 6