Systems running HP's OpenView Network Node Manager version 6.1 or Tivoli NetView versions 5.x and 6.x have been found to contain a hole that could allow an intruder to gain complete administrative control of a machine. The vulnerability has been reported by the Computer Emergency Response Team (CERT), and security experts are anxious for system administrators to install HP's patch.
"In (the) wake of Code Red, it has never been more important to install the patch," said Graham Cluely, senior technology consultant for antivirus company Sophos. "Hackers are often on these mailing lists, so system administrators need to be ahead of the game."
In the case of Code Red, Microsoft released a patch for the Internet Information Server (IIS) software vulnerability on June 18, but it was not until a month later that the self-propagating worm was unleashed.
The new HP vulnerability could allow an intruder to execute arbitrary commands by sending a malicious message to the management server. There is also the additional threat that an intruder may be able to tamper with other networked devices once access is gained.
"This is a good reminder that it's not just Microsoft that goofs up--any software can contain holes," said Cluley. "HP software isn't in as common use as IIS, but it's a different community of people who don't want to go down the Microsoft route."
More information on the patches is available from HP and Tivoli.
