CIA Security Research, Security Alerts, Security Tools for Application Security

- Top Vulnerabilities

- Resources

- Alerts

- Disclosure Guidelines

- Library Updates

- Cenzic Newsletter

- White Paper Download

CIA RESEARCH

Alerts

[CIA-1032-Alert] HP Openview Network Node Manager Command Injection

Summary:

Insufficient input validation within the HP Openview Node Manager allows a remote attacker to execute arbitrary commands on the Node Manager Server.

Technical Details:

The HP Node Manager server ships with a vulnerable script, ’connectNodes.ovpl,’ that fails to properly validate information passed within the ’node’ parameter. Other scripts such as cdpView.ovpl, freeIPaddrs.ovpl, and ecscmg.ovpl also have similar vulnerabilities. As a result it is possible to inject commands by supplying specially crafted strings embedded within HTTP requests.

The sample URL below demonstrates this flaw:

http://[HP Node Manager Server]:3443/OvCgi/
connectedNodes.ovpl?node=a|INJECTEDCOMMANDS|

An attacker could exploit this vulnerability and execute commands with the privileges of the web process, possibly obtaining access to sensitive files or gaining access to the server itself.

Solution:

HP has provided a workaround. Follow the steps outlined in the workaround for the Node Manager Server. (You must have an account with HP in order to read the link below.)

http://www2.itrc.hp.com/service/cki/docDisplay.do? admit
=-1335382922+1125930917625+28353475&docId=
HPSBMA01224

CVE Reference:

GENERIC-MAP-NOMATCH

SecurityTracker Number(s):

1014791

Vendor URL:

About the Cenzic CIA Team:

Cenzic Intelligent Analysis (CIA) is Cenzic’s research arm that focuses on continuous research for application vulnerabilities. Industry Research, Vulnerability assessment, penetration testing, and security testing — that’s what Cenzic Intelligent Analysis Research is all about. Cenzic has dedicated experts whose sole job is to perform ongoing research to find not only common vulnerabilities but also vulnerabilities found in customer applications and make them available to our customers and to the community at large.

About Cenzic:

Cenzic provides Hailstorm® the revolutionary enterprise software suite for automated application security assessment and compliance that allows corporations and government organizations to dramatically improve the security of commercial and custom applications. Hailstorm enables security experts, QA professionals, and developers to work together to assess, analyze, and remediate applications for security vulnerabilities, and verify compliance with security policies. Benefits include reduced security risk and liability, lower development and testing costs, and faster time-to-market. Cenzic’s customers are currently in the financial services and
e-marketplaces sectors. For more information visit www.cenzic.com or call 1-866-4-CENZIC


>	Datasheet: Hailstorm Enterprise ARC
>	Datasheet: Hailstorm Pro
>	Datasheet: Hailstorm Starter
>	Datasheet: Hailstorm Core
>	White Paper: Beyond Simple Vulnerabilities Scanning
>	White Paper: Cross Frame Scripting
>	White Paper: Cenzic Imperative Assessment Plan
>	White Paper: Enabling Security in the Software Development Lifecycle (PDF)