CVE-2011-0271 Information

Description

The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter which allows remote attackers to execute arbitrary commands by using a command string for this parameter’s value related to a \command injection vulnerability.\

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=887 http://www.securityfocus.com/archive/1/515628 http://www.securityfocus.com/bid/45762 http://www.securitytracker.com/id?1024951 http://www.vupen.com/english/advisories/2011/0085 https://exchange.xforce.ibmcloud.com/vulnerabilities/64657