CVE-2010-1554
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
Desbordamiento de búfer basado en pila en etnnmdata.exe en HP OpenView Network Node Manager (OV NNM) 7.01, 7.51 y 7.53 permite a atacantes remotos ejecutar código de su elección mediante un parámetro iCount inválido.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid iCount POST parameter a sprintf() call is made to log the error. However, no length check is performed on the variable contents before copying in to a fixed-length stack buffer. This can be leveraged by remote attackers to execute arbitrary code under the context of the webserver process.
The getnnmdata.exe CGI in HP OpenView NNM suffers from an invalid icount remote code execution vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-04-26 CVE Reserved
- 2010-05-11 CVE Published
- 2010-07-02 First Exploit
- 2024-08-07 CVE Updated
- 2024-11-10 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (7)
URL | Tag | Source |
---|---|---|
http://securityreason.com/securityalert/8154 | Third Party Advisory | |
http://www.securityfocus.com/archive/1/511249/100/0/threaded | Mailing List | |
http://zerodayinitiative.com/advisories/ZDI-10-085 | X_refsource_misc |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/17040 | 2011-03-24 | |
https://www.exploit-db.com/exploits/14181 | 2010-07-02 | |
http://www.exploit-db.com/exploits/14181 | 2024-08-07 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://marc.info/?l=bugtraq&m=127360750704351&w=2 | 2018-10-11 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.0.1 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.0.1" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | hp-ux |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | linux |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | solaris |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.51 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.51" | windows |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.53" | - |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.53" | hp-ux |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.53" | linux |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.53" | solaris |
Affected
| ||||||
Hp Search vendor "Hp" | Openview Network Node Manager Search vendor "Hp" for product "Openview Network Node Manager" | 7.53 Search vendor "Hp" for product "Openview Network Node Manager" and version "7.53" | windows |
Affected
|