HP OpenView OmniBack Unauthorized ImniBack Client Access

2001-02-28T00:00:00
ID OSVDB:6018
Type osvdb
Reporter DiGiT(teddi@linux.is)
Modified 2001-02-28T00:00:00

Description

Vulnerability Description

HP OpenView OmniBack contains a flaw that may allow a remote attacker to gain unauthorized access. The issue is triggered due to an unspecified flaw in the ImniBack client, which may allow a remote attacker to gain administrative access to the system and execute arbitrary commands resulting in a loss of confidentiality and/or integrity.

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, Hewlett-Packard has released a patch to address this vulnerability.

Short Description

HP OpenView OmniBack contains a flaw that may allow a remote attacker to gain unauthorized access. The issue is triggered due to an unspecified flaw in the ImniBack client, which may allow a remote attacker to gain administrative access to the system and execute arbitrary commands resulting in a loss of confidentiality and/or integrity.

References:

Vendor URL: http://www.managementsoftware.hp.com/ Vendor Specific Advisory URL Other Advisory URL: http://www.securiteam.com/exploits/6M00O150KG.html Keyword: HPSBUX0102-142 ISS X-Force ID: 6434 Generic Exploit URL: http://metasploit.com/projects/Framework/exploits.html#openview_omniback CVE-2001-0311 Bugtraq ID: 11032