CVE-2009-3845

N/A Unknown

Published: December 10, 2009 Modified: April 23, 2026

Description

The port-3443 HTTP server in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostname parameter to unspecified Perl scripts.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877

Source: hp-security-alert@hp.com

Patch Vendor Advisory

http://marc.info/?l=bugtraq&m=126046355120442&w=2

Source: hp-security-alert@hp.com

http://www.securityfocus.com/archive/1/508345/100/0/threaded

Source: hp-security-alert@hp.com

http://www.securityfocus.com/bid/37261

Source: hp-security-alert@hp.com

http://www.securityfocus.com/bid/37300

Source: hp-security-alert@hp.com

http://zerodayinitiative.com/advisories/ZDI-09-094/

Source: hp-security-alert@hp.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/54651

Source: hp-security-alert@hp.com

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01950877