CVE-2007-0819 Information

Description

HP Network Node Manager (NNM) Remote Console 7.50 7.51 and 7.53 assigns Everyone Full Control permission for the PROGRAMFILES\HP OpenView directory tree which allows local users to gain privileges via a Trojan horse executable file or ActiveX component or a modified bin\ovtrcsvc.exe for the HP Open View Shared Trace Service.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2007-02/0174.html http://marc.info/?l=bugtraq&m=125063027228539&w=2 http://osvdb.org/33130 http://secunia.com/advisories/24066 http://securitytracker.com/id?1017609 http://securityvulns.com/news/HP/NNM/RC/WP.html http://www.securityfocus.com/bid/22475 http://www.vupen.com/english/advisories/2007/0533 https://exchange.xforce.ibmcloud.com/vulnerabilities/32362