Tivoli Information for VU#952171

Hewlett Packard OpenView and Tivoli NetView do not adequately validate SNMP trap arguments



Vendor Statement

Tivoli acknowledges that certain user customizations to Tivoli NetView may lead to a potential security exposure. Please reference http://www.tivoli.com/support/ for further information and to obtain an e-fix which addresses the issue.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



We have discussed this problem with Tivoli, and they report to us that they are vulnerable.

If you have feedback, comments, or additional information about this vulnerability, please send us email.