Lucene search
SAINT CorporationSAINT:34D6D846B7772CD0CF4771A13E75FC3FHistoryAug 23, 2010 - 12:00 a.m.
HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow
2010-08-2300:00:00
SAINT Corporation
www.saintcorporation.com
16
EPSS
0.962
Percentile
99.6%
Added: 08/23/2010
CVE: CVE-2010-1554
BID: 40071
OSVDB: 64976
Background
HP OpenView Network Node Manager is network availability and performance management software.
Problem
A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a request for the getnnmdata.exe CGI program with a specially crafted ICount parameter.
Resolution
Apply the fix referenced in HPSBMA02527 SSRT010098.
References
<http://www.zerodayinitiative.com/advisories/ZDI-10-085/>
Limitations
Exploit works on HP OpenView Network Node Manager 7.53.
On Windows Server 2003, Read and Execute privileges on the file ‘%windir%\system32\cmd.exe’ must be granted to the Internet Guest Account “IUSR_<computername>” for the exploit to work properly.
Platforms
Windows
Related
packetstorm
packetstorm
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
2011-03-24 00:00:00
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
2010-07-03 00:00:00
zdt
zdt
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI BOF
2011-03-25 00:00:00
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Code Execution
2010-07-02 00:00:00
metasploit
metasploit
HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
2011-03-23 21:57:16
exploitpack
exploitpack
saint
saint
HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow
2010-08-23 00:00:00
HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow
2010-08-23 00:00:00
HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow
2010-08-23 00:00:00
cve
cve
CVE-2010-1554
2010-05-13 17:30:02
checkpoint_advisories
checkpoint_advisories
prion
prion
Stack overflow
2010-05-13 17:30:00
zdi
zdi
securityvulns
securityvulns
ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability
2010-05-12 00:00:00
[security bulletin] HPSBMA02527 SSRT010098 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
2010-05-12 00:00:00
HP OpenView Network Node Manage multiple security vulnerabilities
2010-05-12 00:00:00
exploitdb
exploitdb
seebug
seebug
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
2014-07-01 00:00:00
cvelist
cvelist
CVE-2010-1554
2010-05-13 17:00:00
nvd
nvd
CVE-2010-1554
2010-05-13 17:30:02
openvas
openvas
HP OpenView Network Node Manager Multiple Vulnerabilities (May 2010)
2010-06-01 00:00:00
nessus
nessus
HP-UX PHSS_40708 : s700_800 11.X OV NNM7.53 IA-64 Intermediate Patch 26
2010-05-17 00:00:00
HP-UX PHSS_40707 : s700_800 11.X OV NNM7.53 PA-RISC Intermediate Patch 26
2010-05-17 00:00:00
HP-UX PHSS_40705 : s700_800 11.11 OV NNM7.01 Intermediate Patch 13
2010-05-10 00:00:00