This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted MaxAge parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.
80ff73419a7cd13d7e21eb8ec7e33cd16805fe4f27fb6954c76a5d837fa3bf7f
The getnnmdata.exe CGI in HP OpenView NNM suffers from an invalid maxage remote code execution vulnerability.
99fff4ac99bab3b5e5300c6c5dbdf4f2e9414684b5c71f7898cb6c50ee81c184
HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.
b8679c50a8aa94d63d460ccd120eae4f0fa1767849203be1affb0687ac3f1934
Zero Day Initiative Advisory 10-084 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid MaxAge parameter a sprintf() call is made to log the error. However, no length check is performed on the variable contents before copying in to a fixed-length stack buffer. This can be leveraged by remote attackers to execute arbitrary code under the context of the webserver process.
eda2c51e493c29d2758ac012e9f0f3fd057ea0373fcf515d6c8e501fe446845b