HP OpenView Network Node Manager 'nnmRptConfig.exe' Remote Code Execution Vulnerability

Bugtraq ID:	51049
Class:	Boundary Condition Error
CVE:	CVE-2011-3165
Remote:	Yes
Local:	No
Published:	Nov 01 2011 12:00AM
Updated:	Nov 01 2011 12:00AM
Credit:	[email protected] and TippingPoint's Zero Day Initiative
Vulnerable:	HP OpenView Network Node Manager 7.53 HP OpenView Network Node Manager 7.51
Not Vulnerable:

HP OpenView Network Node Manager 'nnmRptConfig.exe' Remote Code Execution Vulnerability

HP OpenView Network Node Manager is prone to a remote code-execution vulnerability because the 'nnmRptConfig.exe' CGI application fails to adequately validate user-supplied input.

Successful exploits can allow an attacker to execute arbitrary code with the privileges of the user running the webserver. Failed exploit attempts will likely result in denial-of-service conditions.

OpenView Network Node Manager 7.51 and 7.53 are vulnerable.

NOTE: This issue was previously discussed in BID 50471 (HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities) but has been given its own record to better document it.

HP OpenView Network Node Manager 'nnmRptConfig.exe' Remote Code Execution Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

HP OpenView Network Node Manager 'nnmRptConfig.exe' Remote Code Execution Vulnerability

Solution:
Updates are available. Please see the references for details.

HP OpenView Network Node Manager 'nnmRptConfig.exe' Remote Code Execution Vulnerability

References:

• OpenView Homepage (HP)
  
• HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability (Hewlett-Packard)
  
• HPSBMU02712 SSRT100649 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote (HP)