Remote Command Execution Vulnerability in HP OpenView Network Node Manager
CVE-2001-0552

Currently unrated

Key Information:

Vendor: IBM
Status: Tivoli Netview; Openview Network Node Manager
Vendor: CVE Published:; 20 September 2001

Summary

The vulnerability exists in the ovactiond component of HP OpenView Network Node Manager and specific versions of Tivoli NetView. It allows remote attackers to exploit the system by delivering specially crafted SNMP trap messages that include shell metacharacters. This can lead to unauthorized command execution on the affected servers, potentially compromising the integrity and security of the network management system.

References

http://www.securityfocus.com/bid/2845

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=99201278704545&w=2

mailing-listx_refsource_BUGTRAQ

http://www.cert.org/advisories/CA-2001-24.html

third-party-advisoryx_refsource_CERT

Timeline

Vulnerability published
Sep 20, 2001
Vulnerability Reserved
Jul 18, 2001