what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2010-1555

Status Candidate

Overview

Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.

Related Files

HP OpenView Network Node Manager getnnmdata.exe (Hostname) CGI Buffer Overflow
Posted Mar 25, 2011
Authored by MC | Site metasploit.com

This Metasploit module exploits a buffer overflow in HP OpenView Network Node Manager 7.50/7.53. By sending specially crafted Hostname parameter to the getnnmdata.exe CGI, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary, cgi
advisories | CVE-2010-1555, OSVDB-64976
SHA-256 | 02e35aef4d2704a877aaa34534a7c31d092c5935e1f8e3a97604db506cae3315
HP OpenView NNM getnnmdata.exe CGI Invalid Hostname Remote Code Execution
Posted Jul 3, 2010
Authored by S2 Crew

The getnnmdata.exe CGI in HP OpenView NNM suffers from an invalid hostname remote code execution vulnerability.

tags | exploit, remote, cgi, code execution
advisories | CVE-2010-1555
SHA-256 | c6160b614bd30c506691655f57ba3799b71c58e54ef143c0304ac845e925ce87
Zero Day Initiative Advisory 10-086
Posted May 12, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-086 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getnnmdata.exe CGI. If this CGI is requested with an invalid Hostname parameter a sprintf() call is made to log the error. However, no length check is performed on the variable contents before copying in to a fixed-length stack buffer. This can be leveraged by remote attackers to execute arbitrary code under the context of the webserver process.

tags | advisory, remote, arbitrary, cgi
advisories | CVE-2010-1555
SHA-256 | c506d236bec0849d06da5bf422cd5205ac1a99d26baca5b0e87f982864fea9f2
HP Security Bulletin HPSBMA02527 SSRT010098
Posted May 12, 2010
Authored by Hewlett Packard | Site hp.com

HP Security Bulletin - Potential security vulnerabilities have been identified with HP OpenView Network Node Manager (OV NNM). These vulnerabilities could be exploited remotely to execute arbitrary code.

tags | advisory, arbitrary, vulnerability
advisories | CVE-2010-1550, CVE-2010-1551, CVE-2010-1552, CVE-2010-1553, CVE-2010-1554, CVE-2010-1555
SHA-256 | b8679c50a8aa94d63d460ccd120eae4f0fa1767849203be1affb0687ac3f1934
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close