Computer Security
[EN] no-pyccku

HP Network Node Manager remote console weak files permissions
updated since 07.02.2007
SecurityVulns ID:7194
Threat Level:
Description:Weak permissions for C:\Program Files\HP OpenView allows executable files and system service file spoofing.
Affected:HP : Network Node Manager 7.50
CVE:CVE-2007-0819 (HP Network Node Manager (NNM) Remote Console 7.50 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.)
Original documentdocumentHP, [security bulletin] HPSBMA02448 SSRT061231 rev.1 - HP Network Node Manager (NNM) Remote Console Running on Windows, Local Execution of Arbitrary Code, Denial of Service (DoS) (19.08.2009)
Files:Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod