HP OpenView Performance Insight Server Backdoor Account

Added: 03/03/2011
CVE: CVE-2011-0276
BID: 46079
OSVDB: 70754

Background

HP OpenView Performance Insight (OVPI) Server is a management utility that monitors and reports on the performance of services.

Problem

A backdoor account may allow an attacker to execute arbitrary code on the system.

Resolution

Apply patch 5.41.002 piweb HF02.

References

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02695453
http://secunia.com/advisories/43145
http://osvdb.org/70754
http://www.securityfocus.com/bid/46079

Limitations

This exploit works against HP OpenView Performance Insight (OVPI) 5.41.0 on Windows Server 2003 SP2 English (DEP OptOut) and Windows Server 2008 SP1 English (DEP OptOut).

Platforms

Windows

Back to exploit index