Computer Security
[EN] securityvulns.ru
no-pyccku



HP Network Node Manager remote console weak files permissions
updated since 07.02.2007
Published:19.08.2009
Source:SECURITYVULNS
SecurityVulns ID:7194
Type:remote
Level:5/10
Description:Weak permissions for C:\Program Files\HP OpenView allows executable files and system service file spoofing.
Affected:HP : Network Node Manager 7.50
CVE:CVE-2007-0819 (HP Network Node Manager (NNM) Remote Console 7.50 assigns Everyone Full Control permission for the %PROGRAMFILES%\HP OpenView directory tree, which allows local users to gain privileges via a Trojan horse executable file or ActiveX component, or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.)
Original documentdocumentHP, [security bulletin] HPSBMA02448 SSRT061231 rev.1 - HP Network Node Manager (NNM) Remote Console Running on Windows, Local Execution of Arbitrary Code, Denial of Service (DoS) (19.08.2009)
Files:Hewlett-Packard Network Node Manager 7.50 Remote Console weak files permissions
Discuss:Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 



Rating@Mail.ru