what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2010-1554

Status Candidate

Overview

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.

Related Files

HP OpenView Network Node Manager getnnmdata.exe (ICount) CGI Buffer Overflow
Posted Mar 24, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted ICount parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2010-1554
SHA-256 | 4c22f86bdf3b46260576ea5cf66c91a1e70361023d657dd8cabdade506e19c3c
HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution
Posted Jul 3, 2010
Authored by S2 Crew

The getnnmdata.exe CGI in HP OpenView NNM suffers from an invalid icount remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2010-1554
SHA-256 | a571b3f43d5b54967615a025bbfff4b53fd0146fac0bf7d8b77afd569ade2144
Zero Day Initiative Advisory 10-085
Posted May 12, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-085 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid iCount POST parameter a sprintf() call is made to log the error. However, no length check is performed on the variable contents before copying in to a fixed-length stack buffer. This can be leveraged by remote attackers to execute arbitrary code under the context of the webserver process.

tags | advisory, remote, arbitrary, cgi
advisories | CVE-2010-1554
SHA-256 | 8015452f65440290ba654f55ca908345c85c47a32758be472efab3338115e75c
HP Security Bulletin HPSBMA02527 SSRT010098
Posted May 12, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2010-1550, CVE-2010-1551, CVE-2010-1552, CVE-2010-1553, CVE-2010-1554, CVE-2010-1555
SHA-256 | b8679c50a8aa94d63d460ccd120eae4f0fa1767849203be1affb0687ac3f1934
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close