CVE-2001-0552
HP OpenView Network Node Manager 6.1 and Tivoli Netview 5.x-6.x - Remote Code Execution via SNMP Trap Message
Title source: manualExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0552. PoCs published by Milo van der Zee.
AI-analyzed exploit summary The exploit leverages a vulnerability in ovactiond (part of HP OpenView and IBM Netview) where a crafted SNMP trap allows remote command execution with the privileges of the ovactiond process. The PoC uses the `snmptrap` command to send a malicious trap containing a command encapsulated in quotes and escapes, leading to arbitrary command execution.
Description
ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
Exploits (1)
The exploit leverages a vulnerability in ovactiond (part of HP OpenView and IBM Netview) where a crafted SNMP trap allows remote command execution with the privileges of the ovactiond process. The PoC uses the `snmptrap` command to send a malicious trap containing a command encapsulated in quotes and escapes, leading to arbitrary command execution.