CVE-2009-3845 Information

Description

The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01 7.51 and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.

Reference

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877 http://marc.info/?l=bugtraq&m=126046355120442&w=2 http://www.securityfocus.com/archive/1/508345/100/0/threaded http://www.securityfocus.com/bid/37261 http://www.securityfocus.com/bid/37300 http://zerodayinitiative.com/advisories/ZDI-09-094/ https://exchange.xforce.ibmcloud.com/vulnerabilities/54651