SAINT CorporationSAINT:E31B141E7568E9F6BD86756DDBEE0E76HP OpenView NNM getnnmdata.exe CGI ICount Parameter Buffer Overflow
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.4%
Added: 08/23/2010
CVE: CVE-2010-1554
BID: 40071
OSVDB: 64976
Background
HP OpenView Network Node Manager is network availability and performance management software.
Problem
A buffer overflow vulnerability in Network Node Manager allows remote attackers to execute arbitrary commands by sending a request for the getnnmdata.exe CGI program with a specially crafted ICount parameter.
Resolution
Apply the fix referenced in HPSBMA02527 SSRT010098.
References
<http://www.zerodayinitiative.com/advisories/ZDI-10-085/>
Limitations
Exploit works on HP OpenView Network Node Manager 7.53.
On Windows Server 2003, Read and Execute privileges on the file ‘%windir%\system32\cmd.exe’ must be granted to the Internet Guest Account “IUSR_<computername>” for the exploit to work properly.
Platforms
Windows
Related
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.964 High
EPSS
Percentile
99.4%